youneedverifictionmetam.work.gd/authen
174.136.231.90200 OK 0 B URL User Request GET HTTP/1.1 youneedverifictionmetam.work.gd/authen
IP 174.136.231.90:443
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /authen HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 22 May 2023 01:36:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha; expires=Mon, 22-May-2023 03:36:26 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://youneedverifictionmetam.work.gd/
youneedverifictionmetam.work.gd/
174.136.231.90 0 B URL youneedverifictionmetam.work.gd/
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET / HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Mon, 22 May 2023 01:36:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://youneedverifictionmetam.work.gd/authen
youneedverifictionmetam.work.gd/authen
174.136.231.90200 OK 5.8 kB URL User Request GET HTTP/1.1 youneedverifictionmetam.work.gd/authen
IP 174.136.231.90:443
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (523)
Hash 18bab30419d44cd3fe20775bbaaaed82
70408ee2d85cf733da31ee3318f0281c20aab1b2
99bee9f452cc02a7ad1b16439971d0fb567a411e0face9e8d88f27aad3306cdd
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /authen HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:27 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5819
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 3b91f01d5207d1641bcdd0ee53561353
4ef7d6092b868eb8b500e8729efb4301e1d1f4be
b36bd6756866f8c7ebebee886314ac7ee381615d365b7509c008df8f57ecf655
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
youneedverifictionmetam.work.gd/meta/normalize.css
174.136.231.90200 OK 2.7 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/normalize.css
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/normalize.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-1e5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/webflow.css
174.136.231.90200 OK 9.3 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/webflow.css
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash 13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/webflow.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a131-98c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 472 B IP 142.250.74.3:0
Hash 3b91f01d5207d1641bcdd0ee53561353
4ef7d6092b868eb8b500e8729efb4301e1d1f4be
b36bd6756866f8c7ebebee886314ac7ee381615d365b7509c008df8f57ecf655
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:36:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
youneedverifictionmetam.work.gd/meta/plx.chock.js
174.136.231.90 311 B URL youneedverifictionmetam.work.gd/meta/plx.chock.js
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/plx.chock.js HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: application/javascript
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-d41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/css.html
174.136.231.90200 OK 684 B URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/css.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/css.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Connection: keep-alive
ETag: "6466a130-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
174.136.231.90 18 kB URL youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-22adb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/enterprise.js.download
174.136.231.90 614 B URL GET youneedverifictionmetam.work.gd/meta/enterprise.js.download
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (1008), with no line terminators
Hash d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/enterprise.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "3f0-5fbff010c4374-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/js
174.136.231.90 35 kB URL GET youneedverifictionmetam.work.gd/meta/js
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (1815)
Hash fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/js HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Length: 35327
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "168a5-5fbff0110c7b6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/webfont.js.download
174.136.231.90 5.4 kB URL youneedverifictionmetam.work.gd/meta/webfont.js.download
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/webfont.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: application/javascript
Content-Length: 5415
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
ETag: "3384-5fbff0119dfd9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
174.136.231.90200 OK 31 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: application/javascript
Content-Length: 30910
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "15d84-5fbff01100c35-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/jsonp
174.136.231.90 87 kB URL GET youneedverifictionmetam.work.gd/meta/jsonp
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/jsonp HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "43f6e-5fbff01115456-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/css.html
174.136.231.90200 OK 684 B URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/css.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/css.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Connection: keep-alive
ETag: "6466a130-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
youneedverifictionmetam.work.gd/meta/mm-logo.svg
174.136.231.90 3.4 kB URL youneedverifictionmetam.work.gd/meta/mm-logo.svg
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/mm-logo.svg HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-2ef3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/wpp.gif
174.136.231.90200 OK 3.9 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/wpp.gif
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type GIF image data, version 87a, 470 x 40\012- data
Hash 941648b845842a709da73e24652cf8a4
099e5f97e602d026c51537c9b45328dc99261d7c
2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/wpp.gif HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: image/gif
Content-Length: 3877
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
Connection: keep-alive
ETag: "6466a131-f25"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
youneedverifictionmetam.work.gd/meta/webflow.js.download
174.136.231.90 147 kB URL GET youneedverifictionmetam.work.gd/meta/webflow.js.download
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Unicode text, UTF-8 text, with very long lines (50020)
Size 147 kB (147184 bytes)
Hash 9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/webflow.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:28 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
ETag: "92c10-5fbff011a4d39-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/EuclidCircularB-Bold-WebXL.woff2
174.136.231.90200 OK 44 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/EuclidCircularB-Bold-WebXL.woff2
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:29 GMT
Content-Length: 44544
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "ae00-5fbff010d3d74"
Accept-Ranges: bytes
Vary: Accept-Encoding
youneedverifictionmetam.work.gd/meta/hero2.4.png
174.136.231.90200 OK 590 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/hero2.4.png
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (589568 bytes)
Hash d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/hero2.4.png HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:29 GMT
Content-Type: image/png
Content-Length: 589568
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Connection: keep-alive
ETag: "6466a130-8ff00"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Changa+One:400,400italic
142.250.74.106200 OK 46 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Changa+One:400,400italic
IP 142.250.74.106:443
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type gzip compressed data, max compression\012- data
Hash 20cf033b487fecb8a844fcb51ec9b5e8
d50afb2544b1be0b29eddb51879ceebc9e29b913
486d3d55d96b2bdd60180b5a56d285dfeacee43114aa565aa2fbc1a444c1f5e3
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 01:36:28 GMT
date: Mon, 22 May 2023 01:36:28 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
youneedverifictionmetam.work.gd/meta/storage.secure.min.js.download
174.136.231.90 13 kB URL youneedverifictionmetam.work.gd/meta/storage.secure.min.js.download
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (38562), with no line terminators
Hash 3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/storage.secure.min.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:29 GMT
Content-Type: application/javascript
Content-Length: 13194
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
ETag: "96a2-5fbff01166537-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/bframe.html
174.136.231.90200 OK 4.1 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/bframe.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/bframe.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:30 GMT
Content-Type: text/html
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/styles__ltr.css
174.136.231.90200 OK 24 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/styles__ltr.css
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (52368), with no line terminators
Hash 97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /meta/styles__ltr.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/bframe.html
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:30 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a131-cc90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/metamask.io/images/webclip.png
174.136.231.90 557 B URL youneedverifictionmetam.work.gd/metamask.io/images/webclip.png
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /metamask.io/images/webclip.png HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 22 May 2023 01:36:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/metamask.io/images/favicon.png
174.136.231.90 557 B URL youneedverifictionmetam.work.gd/metamask.io/images/favicon.png
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /metamask.io/images/favicon.png HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/authen
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 22 May 2023 01:36:30 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/recaptcha__nl.js.download
174.136.231.90200 OK 138 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/recaptcha__nl.js.download
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (820)
Size 138 kB (137504 bytes)
Hash e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/bframe.html
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:30 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "56577-5fbff0114cef7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227 8.4 kB URL fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://youneedverifictionmetam.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 07:46:25 GMT
expires: Fri, 17 May 2024 07:46:25 GMT
cache-control: public, max-age=31536000
age: 323405
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://youneedverifictionmetam.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:19:20 GMT
expires: Fri, 17 May 2024 06:19:20 GMT
cache-control: public, max-age=31536000
age: 328630
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 471 B IP 142.250.74.3:0
Hash d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:36:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.99200 OK 665 B URL GET HTTP/2 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.99:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:25:40 GMT
expires: Sat, 27 May 2023 13:25:40 GMT
cache-control: public, max-age=604800
age: 130250
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.99200 OK 530 B URL GET HTTP/2 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.99:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 128578
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.99200 OK 600 B URL GET HTTP/2 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.99:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 128578
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
142.250.74.99 1.6 kB URL www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP 142.250.74.99:0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0
GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://youneedverifictionmetam.work.gd
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 01:36:30 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
youneedverifictionmetam.work.gd/recover
174.136.231.90 5.7 kB URL youneedverifictionmetam.work.gd/recover
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (471)
Hash 9ad40ff49ddaf219967f99702210090b
3265c4f27b2773e7e15c5aea11387680014b46ae
c9517ac1a91f81449fe9df99661101f4ca89cae6e7cfeecda674da2b3c6c3d76
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /recover HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:40 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5700
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/normalize.css
174.136.231.90200 OK 2.7 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/normalize.css
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/normalize.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-1e5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/webflow.css
174.136.231.90200 OK 9.3 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/webflow.css
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash 13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/webflow.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a131-98c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/plx.chock.js
174.136.231.90 311 B URL youneedverifictionmetam.work.gd/meta/plx.chock.js
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/plx.chock.js HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: application/javascript
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-d41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/css.html
174.136.231.90200 OK 684 B URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/css.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/css.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Connection: keep-alive
ETag: "6466a130-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
youneedverifictionmetam.work.gd/meta/webfont.js.download
174.136.231.90 5.4 kB URL youneedverifictionmetam.work.gd/meta/webfont.js.download
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/webfont.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: application/javascript
Content-Length: 5415
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
ETag: "3384-5fbff0119dfd9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
174.136.231.90 18 kB URL youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-22adb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/enterprise.js.download
174.136.231.90 614 B URL GET youneedverifictionmetam.work.gd/meta/enterprise.js.download
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (1008), with no line terminators
Hash d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/enterprise.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "3f0-5fbff010c4374-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/js
174.136.231.90 35 kB URL GET youneedverifictionmetam.work.gd/meta/js
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (1815)
Hash fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/js HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Length: 35327
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "168a5-5fbff0110c7b6-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/css.html
174.136.231.90200 OK 684 B URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/css.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/css.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Connection: keep-alive
ETag: "6466a130-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
youneedverifictionmetam.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
174.136.231.90200 OK 31 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: application/javascript
Content-Length: 30910
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "15d84-5fbff01100c35-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/storage.secure.min.js.download
174.136.231.90 13 kB URL youneedverifictionmetam.work.gd/meta/storage.secure.min.js.download
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (38562), with no line terminators
Hash 3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/storage.secure.min.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: application/javascript
Content-Length: 13194
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
ETag: "96a2-5fbff01166537-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 88 kB URL GET HTTP/3 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:443
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type ASCII text, with very long lines (64971)
Hash beacbb9735056bdc44502f90d78008f2
a89dae8534b90d236c1ab42125a57a7d65267f6c
d218c89c0d08d19990e3d6255f5dd53c272e34fed888982466c76385b1a6c393
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 01:36:28 GMT
date: Mon, 22 May 2023 01:36:28 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
youneedverifictionmetam.work.gd/meta/webflow.js.download
174.136.231.90 147 kB URL GET youneedverifictionmetam.work.gd/meta/webflow.js.download
IP 174.136.231.90:0
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Unicode text, UTF-8 text, with very long lines (50020)
Size 147 kB (147184 bytes)
Hash 9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/webflow.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
ETag: "92c10-5fbff011a4d39-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://youneedverifictionmetam.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:19:20 GMT
expires: Fri, 17 May 2024 06:19:20 GMT
cache-control: public, max-age=31536000
age: 328641
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227 8.4 kB URL fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://youneedverifictionmetam.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 07:46:25 GMT
expires: Fri, 17 May 2024 07:46:25 GMT
cache-control: public, max-age=31536000
age: 323416
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Changa+One:400,400italic
142.250.74.106200 OK 129 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Changa+One:400,400italic
IP 142.250.74.106:443
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type gzip compressed data, max compression\012- data
Size 129 kB (128664 bytes)
Hash 402029967866e7618a35953efde0a7e1
232d7ece1af084db553ffedb7a295b044c263289
4d598d5103eb520a2fb38fd11e5e2864fbf4459aed98740452a8506401cbbbe8
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 01:36:41 GMT
date: Mon, 22 May 2023 01:36:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
youneedverifictionmetam.work.gd/meta/mm-logo.svg
174.136.231.90 3.4 kB URL youneedverifictionmetam.work.gd/meta/mm-logo.svg
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/mm-logo.svg HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: image/svg+xml
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-2ef3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/EuclidCircularB-Regular-WebXL.woff2
174.136.231.90200 OK 45 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/EuclidCircularB-Regular-WebXL.woff2
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Length: 45196
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "b08c-5fbff010e75f5"
Accept-Ranges: bytes
Vary: Accept-Encoding
youneedverifictionmetam.work.gd/meta/EuclidCircularB-Bold-WebXL.woff2
174.136.231.90200 OK 44 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/EuclidCircularB-Bold-WebXL.woff2
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Length: 44544
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "ae00-5fbff010d3d74"
Accept-Ranges: bytes
Vary: Accept-Encoding
youneedverifictionmetam.work.gd/meta/bframe.html
174.136.231.90200 OK 4.1 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/bframe.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/bframe.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:42 GMT
Content-Type: text/html
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/bframe.html
174.136.231.90200 OK 4.1 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/bframe.html
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/authen
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/bframe.html HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:42 GMT
Content-Type: text/html
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a130-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/Institutional-Illustration.png
174.136.231.90 290 kB URL youneedverifictionmetam.work.gd/meta/Institutional-Illustration.png
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size 290 kB (289564 bytes)
Hash 85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/Institutional-Illustration.png HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:41 GMT
Content-Type: image/png
Content-Length: 289564
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
Connection: keep-alive
ETag: "6466a130-46b1c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
youneedverifictionmetam.work.gd/metamask.io/images/favicon.png
174.136.231.90 557 B URL youneedverifictionmetam.work.gd/metamask.io/images/favicon.png
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /metamask.io/images/favicon.png HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 22 May 2023 01:36:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/styles__ltr.css
174.136.231.90200 OK 24 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/styles__ltr.css
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (52368), with no line terminators
Hash 97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /meta/styles__ltr.css HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/bframe.html
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:42 GMT
Content-Type: text/css
Last-Modified: Thu, 18 May 2023 22:05:37 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6466a131-cc90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
youneedverifictionmetam.work.gd/metamask.io/images/webclip.png
174.136.231.90 557 B URL youneedverifictionmetam.work.gd/metamask.io/images/webclip.png
IP 174.136.231.90:0
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
GET /metamask.io/images/webclip.png HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/recover
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Mon, 22 May 2023 01:36:42 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
youneedverifictionmetam.work.gd/meta/recaptcha__nl.js.download
174.136.231.90200 OK 138 kB URL GET HTTP/1.1 youneedverifictionmetam.work.gd/meta/recaptcha__nl.js.download
IP 174.136.231.90:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerLet's Encrypt
Subjectyouneedverifictionmetam.work.gd
FingerprintAE:5E:2C:65:73:A4:4E:66:32:10:20:84:D5:99:F6:64:99:50:CD:3F
ValidityThu, 18 May 2023 21:03:53 GMT - Wed, 16 Aug 2023 21:03:52 GMT
File type ASCII text, with very long lines (820)
Size 138 kB (137504 bytes)
Hash e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: youneedverifictionmetam.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/meta/bframe.html
Cookie: cazanova=s1dpg641oslnqca5v0tsl32ropr1m7ha
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Mon, 22 May 2023 01:36:42 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 18 May 2023 22:05:36 GMT
ETag: "56577-5fbff0114cef7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.99200 OK 665 B URL GET HTTP/2 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.99:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:25:40 GMT
expires: Sat, 27 May 2023 13:25:40 GMT
cache-control: public, max-age=604800
age: 130262
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.99200 OK 600 B URL GET HTTP/2 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.99:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 128590
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.99200 OK 530 B URL GET HTTP/2 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.99:443
Requested by https://youneedverifictionmetam.work.gd/meta/bframe.html
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 128590
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 2.0 kB URL GET HTTP/3 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:443
Requested by https://youneedverifictionmetam.work.gd/recover
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT
File type gzip compressed data, max compression\012- data
Hash d1daaccb04e87d51f3d98ba3eb3f6811
88bcfdcc80575f8a4da8ee46b60f98ac20b70c07
e229e0e35d762200172b885576462b0d942b73369414920dfaea0b51695b46ee
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://youneedverifictionmetam.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 01:36:41 GMT
date: Mon, 22 May 2023 01:36:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000