Report - opensea.com.kz/

Report Overview

Submitted URL
opensea.com.kz/
IP
77.73.133.16
ASN
#204197 Duomenu apdorojimo centras LTD
Submitted
2022-09-29 22:13:07
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
126

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
opensea.com.kz	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.5 kB	3.8 MB	77.73.133.16
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.35
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	44 kB	142.250.74.163
e1.o.lencr.org	6159	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	652 B	1.5 kB	23.36.76.226
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	56 kB	34.120.237.76
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	418 B	746 B	142.250.74.10
api.inetstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	841 B	104.21.20.107
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.49
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	987 B	1.8 kB	93.184.220.29
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	406 B	6.9 kB	104.17.24.14
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.5 kB	142.250.74.3
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.89.136.7

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet
2022-09-29	medium	opensea.com.kz/	Crypto/Wallet

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	opensea.com.kz/	Phishing
2022-09-29	medium	opensea.com.kz/	Phishing
2022-09-29	medium	opensea.com.kz/js/bootstrap.min.js	Phishing
2022-09-29	medium	opensea.com.kz/images/walletlink-alternative.webp	Phishing
2022-09-29	medium	opensea.com.kz/images/metamask-alternative.webp	Phishing
2022-09-29	medium	opensea.com.kz/images/trust-alternative.webp	Phishing
2022-09-29	medium	opensea.com.kz/images/restless-promocard.webp	Phishing
2022-09-29	medium	opensea.com.kz/fonts/phantom.svg	Phishing
2022-09-29	medium	opensea.com.kz/images/logo.PNG	Phishing
2022-09-29	medium	opensea.com.kz/images/sturec-promocard.webp	Phishing
2022-09-29	medium	opensea.com.kz/images/walletconnect-alternative.webp	Phishing
2022-09-29	medium	opensea.com.kz/images/theweeknd-promocard.webp	Phishing
2022-09-29	medium	opensea.com.kz/images/32x32.webp	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed
2022-09-29	medium	opensea.com.kz	Sinkholed

JavaScript (4)

	URL	Size	First Seen	Last Seen
	opensea.com.kz/js/bootstrap.min.js	61 kB	2023-03-08	2023-03-13
Pretty URL opensea.com.kz/js/bootstrap.min.js IP 77.73.133.16 ASN #204197 Duomenu apdorojimo centras LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:37:09 Last Seen2023-03-13 23:37:15 Times Seen1 Hash c6eb5e66f556e49860f69ec2422765b3 441f145cb3ee3a3aa451ee713f9989d59ceee089 21a76ec72628b2256354f60bfaf4b547479ddcc68c672812e965735545d72d9f Loading...

	opensea.com.kz/	2.2 kB	2023-03-08	2023-03-08
Pretty URL opensea.com.kz/ IP 77.73.133.16 ASN #204197 Duomenu apdorojimo centras LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:37:09 Last Seen2023-03-08 03:37:09 Times Seen1 Hash 8968821fda5cfe6fdbfc044664245a6f 115b68a47f7b1ab10cdd4d64fd0e8ca29e71865c a5ec544e49068264ae98864d33c02404313f66946653fc812a74726891118b24 Loading...

	opensea.com.kz/	146 B	2023-03-08	2023-03-13
Pretty URL opensea.com.kz/ IP 77.73.133.16 ASN #204197 Duomenu apdorojimo centras LTD Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 03:37:09 Last Seen2023-03-13 23:37:15 Times Seen1 Hash f52fe8cbede8441f25523ed2afa435be 25a0499846a69248c80a12e633c5005b532f8cb2 8a4757c69e292f9c9acbfab6d50f3e35d186ff127e76668d1c2466c127ac5c3b Loading...

	api.inetstatic.com/tracking/script.js?referrer=https://opensea.com.kz/	200 B	2023-03-07	2023-03-30
Pretty URL api.inetstatic.com/tracking/script.js?referrer=https://opensea.com.kz/ IP 104.21.20.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:28:24 Last Seen2023-03-30 00:00:53 Times Seen13 Hash 265a4c101aa4e940ccf3370615c33c2c 1f6e3fefcab24dd744c521ece7dea39eaeba5e9a 82843a2293143c619a79d6a8d700e57fb72ea730d56cb5fa8a7cc0ca5bc90c89 Loading...

HTTP Transactions (57)

URL IP Response Size

opensea.com.kz/

77.73.133.16

301 Moved Permanently

178 B

URL HTTP/1.1
opensea.com.kz/
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
bd2695f4b079c71dbddde3436286fb9c
733c05da132193d6cf1d8e242d12e2525c03bab4
2e04a18ff185ba5b16f762a0538339bc4049aceaef9738edd43af77d2ceb788b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:56 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://opensea.com.kz:443/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6dd4587c98aef98ad0939030a6976a7f
92dc5966ac2deb0c3ac7fdd02bf8d28f9239801e
a382476d14b6ae14003333e7acdfbbd9ae8775d4c1a7d5c31116f33987043cff

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A382476D14B6AE14003333E7ACDFBBD9AE8775D4C1A7D5C31116F33987043CFF"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4084
Expires: Thu, 29 Sep 2022 23:21:00 GMT
Date: Thu, 29 Sep 2022 22:12:56 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 29 Sep 2022 21:15:55 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: lGAx1LWmhUPJqJiA5EJ2EaPJiUo6_2vina9bQy8ciN_3fUS_2HvySQ==
Age: 3421

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain

143.204.55.49

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP
143.204.55.49:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 29 Sep 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OmGC68zeS_G6LBkqyGwtQbozUvrRjuZ8iO1Hiun5ssPUieY_Iy-a8Q==
age: 60269
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 29 Sep 2022 22:12:56 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
891c6fb2906561bcd3233117ed34eb29
6b1839a36c664a9c101388778fc46bc2d9653323
f518e03f11e8955cad31d417a013ef316a3b40d235e811c92c127cc3e10deda5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F518E03F11E8955CAD31D417A013EF316A3B40D235E811C92C127CC3E10DEDA5"
Last-Modified: Wed, 28 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21590
Expires: Fri, 30 Sep 2022 04:12:47 GMT
Date: Thu, 29 Sep 2022 22:12:57 GMT
Connection: keep-alive

opensea.com.kz/

77.73.133.16

200 OK

2.8 kB

URL HTTP/1.1
opensea.com.kz/
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.8 kB (2806 bytes)
Hash
786236f314d80702b86cc985480e562a
6f7605870d6f711205863cd72ba27367ffc02f1a
09622a411f31fcb661a020485d907624333b8a6feaf9c0dd92be85cb65ccccba

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=31536000;

opensea.com.kz/css/bootstrap.min.css

77.73.133.16

200 OK

24 kB

URL HTTP/1.1
opensea.com.kz/css/bootstrap.min.css
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
24 kB (23451 bytes)
Hash
77baf83d839e193d6b61e8cfa19c4146
d20a6fe013c0c1e1e5987384c059d0a878beb710
6a50eb4c22351137d6bb53f5336ce13b01df0c922be2da11ee6d6150bba165cb

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /css/bootstrap.min.css HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: text/css
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6334a43c-260c5"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bfcb2840864c8a4c14a30a57bf610fc5
b7b65f78355d6189e650ad21a199819d08c04163
2a92d858a851a784ace07c09485ebe9586d8c229a6bdbfd8b2f931a7be8d055e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6467
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Last-Modified: Thu, 29 Sep 2022 20:25:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 29 Sep 2022 21:29:33 GMT
Expires: Thu, 29 Sep 2022 21:32:08 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Y96AhzrCJ5s6_XmBO8ZNDi-KW6u8XetK5FO3EKzX0RCllp3imO_bEw==
Age: 2604

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css

104.17.24.14

200 OK

5.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.css
IP
104.17.24.14:0
ASN
#13335 CLOUDFLARENET

File type
troff or preprocessor input, ASCII text, with very long lines (372)
Size
5.9 kB (5884 bytes)
Hash
aa712f2a9ab349290ddbc871138b13ba
2be3765114dbce70c84786dd7d2838c7edce486c
84dce905b67560d91a9993771337d6e5946c7f1e502b5bf06fb0ef6d34b97b57

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 22:12:57 GMT
content-type: text/css; charset=utf-8
content-length: 5884
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-9226"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 59820
expires: Tue, 19 Sep 2023 22:12:57 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AU67md3Axegb1XdLctebst0qI1tQ6aCBTzH%2Bu4aLvY5XFAzHE611xHAOkyNV%2FNmIF%2FSpICjPPMnFDNIFZoC7ujq%2B%2B%2BcyPIKlhDG3gQ%2FbtQvarY5kLdJ6jrqvy20vhlUQgScGoEbP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 752810321bdbfab8-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

opensea.com.kz/css/style.css

77.73.133.16

200 OK

1.6 kB

URL HTTP/1.1
opensea.com.kz/css/style.css
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
ASCII text, with CRLF line terminators
Size
1.6 kB (1567 bytes)
Hash
584bbefd85a36fccdc11339c116ffd11
c6457c4b88ecaa775c3e6f2f3bf4578180a76481
806a8065461936973ee2b89ee703dc525787aaba4e746eb6eaa7c8772ec58a2e

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /css/style.css HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: text/css
Last-Modified: Thu, 29 Sep 2022 03:59:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63351838-1516"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

opensea.com.kz/js/bootstrap.min.js

77.73.133.16

200 OK

16 kB

URL HTTP/1.1
opensea.com.kz/js/bootstrap.min.js
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
ASCII text, with very long lines (60495)
Size
16 kB (16452 bytes)
Hash
10ee50669dd227cf4167314ec1d45417
ab5832b321bbce3cbfe0c5573b6bc9c639fa24bc
a08cf8c2e0ceaef364a9efe377b80008456da2fb964a28b201d067b36491660b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: application/javascript
Last-Modified: Wed, 28 Sep 2022 19:45:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"6334a43e-ed3c"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Content-Encoding: gzip

opensea.com.kz/images/usericons.png

77.73.133.16

200 OK

276 B

URL HTTP/1.1
opensea.com.kz/images/usericons.png
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
3fac6a22d2b744204e2301634a0aee58
f10e7d658214e6304126809c17b934b1a7c40fc8
9db53870e7100605192237ac6307eeca4cbb31516113978ddfc5964d67add824

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/usericons.png HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/png
Content-Length: 276
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-114"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

278 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
278 B (278 bytes)
Hash
bfcb2840864c8a4c14a30a57bf610fc5
b7b65f78355d6189e650ad21a199819d08c04163
2a92d858a851a784ace07c09485ebe9586d8c229a6bdbfd8b2f931a7be8d055e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6467
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Last-Modified: Thu, 29 Sep 2022 20:25:11 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 278

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f09cb223e3dc028c58cf32c2274c3766
ca7f1663a1200941986e786353ed2f3ff50bd0b2
9b89a5534b1a84f0a86f150dc7f1f699bb972f7b8e151b29c02454dd939066ca

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3859
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Last-Modified: Thu, 29 Sep 2022 21:08:38 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

opensea.com.kz/images/infoicons.png

77.73.133.16

200 OK

276 B

URL HTTP/1.1
opensea.com.kz/images/infoicons.png
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
276 B (276 bytes)
Hash
3fac6a22d2b744204e2301634a0aee58
f10e7d658214e6304126809c17b934b1a7c40fc8
9db53870e7100605192237ac6307eeca4cbb31516113978ddfc5964d67add824

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/infoicons.png HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/png
Content-Length: 276
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-114"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

opensea.com.kz/images/walletlink-alternative.webp

77.73.133.16

200 OK

11 kB

URL HTTP/1.1
opensea.com.kz/images/walletlink-alternative.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
11 kB (11152 bytes)
Hash
3075e5f06fd33a6da218aad481c35545
ab4e6efbdfef6ad993d1006ffc6f3d80c112eb8b
7f1e60c2a2d01520a2e4d593226b158ab6f1caa9e0eb1908dd08d516af59bdea

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/walletlink-alternative.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Length: 11152
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "2b90-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

opensea.com.kz/images/metamask-alternative.webp

77.73.133.16

200 OK

62 kB

URL HTTP/1.1
opensea.com.kz/images/metamask-alternative.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
62 kB (62154 bytes)
Hash
f67565450ff9a3c29c5a73f01a58ea72
9632ff494b58def54782d1d19218107283dcc836
5e45e1bc3b0e1c17fc51b0cc145a1f99bb0dd93959afa62d7166204dbcecdd3c

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/metamask-alternative.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Length: 62154
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "f2ca-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

opensea.com.kz/images/trust-alternative.webp

77.73.133.16

200 OK

5.5 kB

URL HTTP/1.1
opensea.com.kz/images/trust-alternative.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
5.5 kB (5498 bytes)
Hash
c9e78fe6c6e121908c1d04fdb68a8934
4460f24fadc7bf575ec84bf6022daca434947c8b
dbc6b5512ca6a2fc08f2af7f246d300c7b0ffce7da57bed015f2830a4239f515

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/trust-alternative.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Length: 5498
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "157a-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
86e0fe14ac54b7b9131a460fd65d73fd
49ec80657f4183e2ad7e906583b94cbf48a94809
9f30a1437666225f096d72763cf89a4e5ae9e5f501ffed4becc51b08c515cf6f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2

142.250.74.163

200 OK

8.0 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Size
8.0 kB (8000 bytes)
Hash
72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://opensea.com.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 96118
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2

142.250.74.163

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Size
7.8 kB (7816 bytes)
Hash
25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://opensea.com.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:30:59 GMT
expires: Thu, 28 Sep 2023 19:30:59 GMT
cache-control: public, max-age=31536000
age: 96118
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2

142.250.74.163

200 OK

7.7 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Size
7.7 kB (7748 bytes)
Hash
a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://opensea.com.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:31:00 GMT
expires: Thu, 28 Sep 2023 19:31:00 GMT
cache-control: public, max-age=31536000
age: 96117
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2

142.250.74.163

200 OK

7.8 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Size
7.8 kB (7840 bytes)
Hash
8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb

HTTP Headers

GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://opensea.com.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:31:03 GMT
expires: Thu, 28 Sep 2023 19:31:03 GMT
cache-control: public, max-age=31536000
age: 96114
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

opensea.com.kz/images/restless-promocard.webp

77.73.133.16

200 OK

93 kB

URL HTTP/1.1
opensea.com.kz/images/restless-promocard.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 784x784, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
93 kB (93226 bytes)
Hash
79ec48a392a0ebb6fe5411c07d424fe7
c85a82ec45043d261186ddfbf9be1110437c71cc
d377595e910904dafaa69e0e189b8f26ee248e3ce8459be73cdc58944c6c6ad0

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/restless-promocard.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Length: 93226
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "16c2a-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2

142.250.74.163

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Size
7.9 kB (7884 bytes)
Hash
9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

HTTP Headers

GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://opensea.com.kz
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 28 Sep 2022 19:32:09 GMT
expires: Thu, 28 Sep 2023 19:32:09 GMT
cache-control: public, max-age=31536000
age: 96048
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

opensea.com.kz/fonts/phantom.svg

77.73.133.16

200 OK

1.3 kB

URL HTTP/1.1
opensea.com.kz/fonts/phantom.svg
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1287), with no line terminators
Size
1.3 kB (1287 bytes)
Hash
d1a11b945d47766148e77ad4af01524b
0f9361931c0273decb165a7ae2edd4f08faa03c9
1508ae500ab143edbbf285061a2e4f7e293b9d23e74e614ca36cd736b60c983b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/phantom.svg HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/svg+xml
Content-Length: 1287
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-507"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8045f030f1424d43155236ac74193734
9f5d53209a1b442a342d7d59986e4817024e2fcd
211c2261b71490e21be41166efa63b59b01ed4188f80c7e095b748abf1f0ae68

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 29 Sep 2022 22:12:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

52.89.136.7

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.136.7:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fPTclcPSQQe3/6RlIbw82w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xTgONxSXlFemZrFPC26me0qMxqY=

opensea.com.kz/images/logo.PNG

77.73.133.16

200 OK

3.6 kB

URL HTTP/1.1
opensea.com.kz/images/logo.PNG
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
PNG image data, 178 x 55, 8-bit/color RGB, non-interlaced\012- data
Size
3.6 kB (3634 bytes)
Hash
977162aaeff29a16bd4b21e018e6301d
0b82b485743a27d24cd876dc3b2e9c28322d29e7
51f7c928e437b1b5fb71f7b14db03a32d10d5d5ccbc87d56460570ae79b96226

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/logo.PNG HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/png
Content-Length: 3634
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-e32"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/sturec-promocard.webp

77.73.133.16

200 OK

536 kB

URL HTTP/1.1
opensea.com.kz/images/sturec-promocard.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
536 kB (536108 bytes)
Hash
863f2eb63172027722ee6f6eee7c8fe3
77e91efb5e9dddc9f76d9c28597b0ca1b022f903
df48c77c9af155bfa7d0a40747c67ced85ba3b4b76be1cb949909e49e15c535b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/sturec-promocard.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Length: 536108
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "82e2c-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

opensea.com.kz/images/user.png

77.73.133.16

200 OK

2.1 kB

URL HTTP/1.1
opensea.com.kz/images/user.png
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
PNG image data, 30 x 30, 8-bit/color RGB, non-interlaced\012- data
Size
2.1 kB (2133 bytes)
Hash
37bcad3787c493fae574d6261646ad39
464aac2e4a7b6a2d125bd82e0c160660c642deec
a6de49495ee2b45dd3f585aa6f9fba6caed4d691bb6c0d40e22848bb0b13fb71

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/user.png HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/png
Content-Length: 2133
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-855"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/avatar.jpg

77.73.133.16

200 OK

4.0 kB

URL HTTP/1.1
opensea.com.kz/images/avatar.jpg
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 80x53, components 3\012- data
Size
4.0 kB (4023 bytes)
Hash
8db3346b4c7661ebd80d60d30f2376c3
92b7db5fd615fe69f8feacfe0b6c475d3ce90842
4c0d06d64a8c7b7e628df806e068ca0993f6bc0eda6e6bd949b8e267b12443e1

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/avatar.jpg HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/jpeg
Content-Length: 4023
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-fb7"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/banner22.png

77.73.133.16

200 OK

451 kB

URL HTTP/1.1
opensea.com.kz/images/banner22.png
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
PNG image data, 550 x 412, 8-bit/color RGBA, non-interlaced\012- data
Size
451 kB (450966 bytes)
Hash
a103230ae9fe64999596c204a3a3ecde
42a2956457332012ff3763f60fd04f50fb68be58
3ce4fef04e024c504cdb87b5de473303b76271672c8c91c337817299728a5ce5

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/banner22.png HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/png
Content-Length: 450966
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-6e196"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/pagescreen.jpg

77.73.133.16

200 OK

1.6 MB

URL HTTP/1.1
opensea.com.kz/images/pagescreen.jpg
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1343x2530, components 3\012- data
Size
1.6 MB (1647325 bytes)
Hash
1fb7e2c0790d6ee34b2b914b3d1d2b09
f2107c68fea259ae9a0c6e7bbd9a7fa7cfd4b6cb
e33fb0edc49124648773a2e341c622514e1ba3dadacfe3b392a0ef57cb5288ac

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/pagescreen.jpg HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/jpeg
Content-Length: 1647325
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-1922dd"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/wallet.png

77.73.133.16

200 OK

1.3 kB

URL HTTP/1.1
opensea.com.kz/images/wallet.png
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
PNG image data, 31 x 27, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 kB (1343 bytes)
Hash
38069107280bfafbd2480c261195fd1e
75753c6dae10243fe268392dcb50d69df3560337
5329af196ba1ac3efc10a26cbef7c93a00650c9affaf7437d0c536244a2b7d93

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/wallet.png HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/png
Content-Length: 1343
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-53f"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/unnamed.jpg

77.73.133.16

200 OK

76 kB

URL HTTP/1.1
opensea.com.kz/images/unnamed.jpg
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 550x412, components 3\012- data
Size
76 kB (75500 bytes)
Hash
d3fa0c5184e12e21687dab728328ed92
db4f705d4216fb54d9686a644fa67cb481f1f959
ca5ce7b91d37d62e3873b49a5deb769190cd223cfb9a13dd70a33ac36cb25cc8

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/unnamed.jpg HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:57 GMT
Content-Type: image/jpeg
Content-Length: 75500
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-126ec"
Expires: Fri, 30 Sep 2022 22:12:57 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/info.png

77.73.133.16

200 OK

592 B

URL HTTP/1.1
opensea.com.kz/images/info.png
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
592 B (592 bytes)
Hash
9b751c6115a5c1b702d3de8f090c7e22
2caa5a511b69f4f3c2ba7528b6cf80ab26d712cd
18ef26a7247ecd5e18ad4a60865abb32873976b5de261184363018c6c4686253

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/info.png HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:58 GMT
Content-Type: image/png
Content-Length: 592
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-250"
Expires: Fri, 30 Sep 2022 22:12:58 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/walletconnect-alternative.webp

77.73.133.16

200 OK

1.8 kB

URL HTTP/1.1
opensea.com.kz/images/walletconnect-alternative.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
1.8 kB (1750 bytes)
Hash
bc79cf15ae946361ea45f926480b8906
4c596a3a3bc8bf270f3c2520558522b7caba9358
56f27987ad3ced2c98776375e3e0554ec3e49d9d30585eb3274723963eed3d70

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/walletconnect-alternative.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:58 GMT
Content-Length: 1750
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "6d6-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

opensea.com.kz/images/theweeknd-promocard.webp

77.73.133.16

200 OK

549 kB

URL HTTP/1.1
opensea.com.kz/images/theweeknd-promocard.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
549 kB (549248 bytes)
Hash
7943e86715fbcefd5796f2d6c1b0c1c7
8fb31d5a0b0d22f05c4ac6b0f522fe8bab022e5d
041a3bb1cf6615f09801ac1badbccc2a3a314d54a726f94ff083991b0a0cf69e

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/theweeknd-promocard.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:58 GMT
Content-Length: 549248
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "86180-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

opensea.com.kz/images/footer.jpg

77.73.133.16

200 OK

284 kB

URL HTTP/1.1
opensea.com.kz/images/footer.jpg
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1221x880, components 3\012- data
Size
284 kB (283496 bytes)
Hash
a30b3fd579c56abf0909377954dde60c
9f6fb235ed578cbe7f21b79498b3baa97e4af761
1f919180c1c567938cabfa1a2196de1efba0c259c3dc3abcee580cf1efb384d2

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
quad9	Sinkholed

HTTP Headers

GET /images/footer.jpg HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:58 GMT
Content-Type: image/jpeg
Content-Length: 283496
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
Connection: keep-alive
ETag: "6334a43c-45368"
Expires: Fri, 30 Sep 2022 22:12:58 GMT
Cache-Control: max-age=86400
Strict-Transport-Security: max-age=31536000;
Accept-Ranges: bytes

opensea.com.kz/images/32x32.webp

77.73.133.16

200 OK

422 B

URL HTTP/1.1
opensea.com.kz/images/32x32.webp
IP
77.73.133.16:0
ASN
#204197 Duomenu apdorojimo centras LTD

File type
RIFF (little-endian) data, Web/P image\012- data
Size
422 B (422 bytes)
Hash
9ba41886d6ada0a2620317827a729606
bc53be78ad9418abaf8225b7f49f28baa77a3c98
e4bd91072de073dd0a39ad4f7ac4afd25bdb6051d224005eafc19bd28e384b45

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/32x32.webp HTTP/1.1
Host: opensea.com.kz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Cookie: PHPREFS=full
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx/1.18.0 (Ubuntu)
Date: Thu, 29 Sep 2022 22:12:58 GMT
Content-Length: 422
Connection: keep-alive
Last-Modified: Wed, 28 Sep 2022 19:45:00 GMT
ETag: "1a6-5e9c1ff048700"
Accept-Ranges: bytes
Strict-Transport-Security: max-age=31536000;

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
38b4c7f497ef1b61f9c5b7602d636073
6696b48f6923142740f762951b4fc38de255cca6
3cac3168a56269b5a2c510a5e07133132b10b52504b055dbe4ff212c19995a72

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3CAC3168A56269B5A2C510A5E07133132B10B52504B055DBE4FF212C19995A72"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4102
Expires: Thu, 29 Sep 2022 23:21:20 GMT
Date: Thu, 29 Sep 2022 22:12:58 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

344 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
344 B (344 bytes)
Hash
38b4c7f497ef1b61f9c5b7602d636073
6696b48f6923142740f762951b4fc38de255cca6
3cac3168a56269b5a2c510a5e07133132b10b52504b055dbe4ff212c19995a72

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 344
ETag: "3CAC3168A56269B5A2C510A5E07133132B10B52504B055DBE4FF212C19995A72"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4102
Expires: Thu, 29 Sep 2022 23:21:20 GMT
Date: Thu, 29 Sep 2022 22:12:58 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
47f245f9a098439e59436f81d4c03415
950b3eadfd6fc7f859130fa2c63934c6ccd49889
25f075effbd8acded8f38d69ea17f673de3e197b635274d4c52411ef577fe8e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "25F075EFFBD8ACDED8F38D69EA17F673DE3E197B635274D4C52411EF577FE8E7"
Last-Modified: Thu, 29 Sep 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3770
Expires: Thu, 29 Sep 2022 23:15:49 GMT
Date: Thu, 29 Sep 2022 22:12:59 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9654 bytes)
Hash
36ae9444071dd70dcf86802c370ffda9
44cc19b21912d07f82a88af5b2fa6d3e370459bf
99984d108bf31d733414f7f1352e17225ac21ac2dbfb4b1e7fa7ae80e5b6b822

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99f26bb4-2c5c-44ef-86d3-90fd05ec1ce0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9654
x-amzn-requestid: 7277f59f-452d-4cb6-a76e-1561b4ff3de0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGW2REPzoAMFrww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63326b5b-4f5d775830c95b065ce40d3f;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 03:17:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: jTiWrrcC29QaFlnaiNH_KmEaphRZhWyzf1JbWb6uL00D3vOMR7Wfyg==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 03:28:09 GMT
age: 67490
etag: "44cc19b21912d07f82a88af5b2fa6d3e370459bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14073 bytes)
Hash
11594ce7500d8776bfd5162b17f87d72
72603efba82d649ce5a7a0ca45dc830c0d9ef012
511f5aa33750cd4a02cf3968bf165ffa521e77cb4fb7135b516d7ad14e8b9d01

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff5cbaf6d-fc16-4449-8b54-1d55f68eff4f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14073
x-amzn-requestid: 4ff72590-e28d-4d4b-af1a-4d62e75e3d66
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKnpEsJoAMFlBQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be30-38b014a25551aa0a2ab04ccf;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gP4V4fq53Z5BFfjDlx1LCR9AhUPTq0qusBaOY_UEXjJjM6SByqDgXg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:42:04 GMT
age: 1855
etag: "72603efba82d649ce5a7a0ca45dc830c0d9ef012"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7859 bytes)
Hash
c62a6368c456e9614ca4c8e360a2ef12
35ec6e80d324bb215796c590a7ffafbaea55d88e
90a37acc6beda1aa98a98cb84e00a7e469d6d919a14f4709c5f67a83ae95278d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9d0e9057-f203-4080-95b8-652ecd15effa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7859
x-amzn-requestid: 34d0718f-46d4-446f-bb06-8449bd8f4287
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZIlO4FcBoAMFy0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63334f2b-58ae81c9077e4f1575750f15;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 19:29:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XwUZAphoqael30FgWCRQlHqBpjBOSG7rnlbPNKyojhONZ625gCUI5g==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 07:36:34 GMT
age: 52585
etag: "35ec6e80d324bb215796c590a7ffafbaea55d88e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.1 kB (4093 bytes)
Hash
aed4d25286420a1405c3274931194002
c17c7bdfa4b40f9a0634da65c610869e5c410bf1
f32058bdd49930b927d1f9fdfd204ed054b4f85e0d679eff067d522d42ac504a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F783cca30-851d-4c3b-97b3-dfc92f711d23.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4093
x-amzn-requestid: 4275d743-8507-4fbe-83d1-cc0da2adef7b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMKoPHCMIAMF7wQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be34-5ddb717430e7b38e3ee53657;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:35:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: H713oiiX6wslZytV_P5NblH5vT7KZ2fv1G3DLKLrH5nw0lHOquia4w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:40:52 GMT
age: 1927
etag: "c17c7bdfa4b40f9a0634da65c610869e5c410bf1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10023 bytes)
Hash
f4505f57697072468da82e0b536d0d5b
e1067a2dfbc22e7eb196046d57bd1e17604dba75
b5e79054f165f38b99f93a8128284f82076523988aeb102b85dd8ff1a2870d00

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F75de31dd-bbf0-4a21-bfac-94f0062f4da4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10023
x-amzn-requestid: 0cb6b9a1-0707-4094-b197-5a0add2df717
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK4dHJLIAMFWmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be9c-2d8bbb17157900f126c5bb3c;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8jQ3_48IZxSPDL8NijwE3ZA19Y3ltpRkZmqmoO79p-YT-VoWwWUH5w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:40:44 GMT
age: 1935
etag: "e1067a2dfbc22e7eb196046d57bd1e17604dba75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.2 kB (4235 bytes)
Hash
30471179bd7cdeecea2fa4ea98701aef
2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb
967e070aec3942c64cc6c4cfdc13d430825c9e5c26dbec5bb3d66237d5978dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6362b4f1-5935-43c9-9147-6d019a1ea6cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4235
x-amzn-requestid: 60825c64-7743-4b16-b80d-d1195ccb0f23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZMK2nFsDoAMFRwg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6334be90-1898e5d9111db7c843c1ebb4;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 21:37:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: L1dvesyygNS2n9iBgKUefyIDwLD1uu8nCF6GaR4RQJ3Ojt6t0VSv9Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Thu, 29 Sep 2022 21:40:46 GMT
age: 1933
etag: "2bbcd6305b4da3204bf1c04b6db23d44cfc84fbb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.inetstatic.com/tracking/script.js?referrer=https://opensea.com.kz/

104.21.20.107

200 OK

0 B

URL HTTP/2
api.inetstatic.com/tracking/script.js?referrer=https://opensea.com.kz/
IP
104.21.20.107:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tracking/script.js?referrer=https://opensea.com.kz/ HTTP/1.1
Host: api.inetstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 29 Sep 2022 22:12:58 GMT
content-type: text/html; charset=utf-8
x-powered-by: PHP/7.2.21
access-control-allow-origin: https://opensea.com.kz
access-control-allow-methods: GET, POST
access-control-allow-headers: X-Requested-With,content-type
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p2wwWcUbCzyYjnMC%2BHDnsDDhw66UdxaYwTZ5MpT6wTVEN4zV25B4udFCZZZa1rKbrMQvgeAH%2F%2FOvRQetETUzqrlO6EWWNJK8Hm1ITqnAZQe4%2BS3u2qL8H6GloFJGiX4H2Cls%2FDE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7528103aca780b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Poppins:wght@200;300;400;500;600;700&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Poppins:wght@200;300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://opensea.com.kz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 29 Sep 2022 22:12:57 GMT
date: Thu, 29 Sep 2022 22:12:57 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (57)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type