Report - xhp281.github.io/swap

Report Overview

Submitted URL
xhp281.github.io/swap
IP
185.199.111.153
ASN
#54113 FASTLY
Submitted
2023-03-29 15:16:27
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
api.coinbase.com	13452	2015-06-05T12:29:43Z	2023-03-28T22:11:54Z	399 B	4.4 kB	104.18.4.43
mainnet.infura.io	19321	2016-08-23T17:27:48Z	2023-03-29T17:16:15Z	5.0 kB	3.3 kB	54.162.189.170
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T22:30:19Z	3.2 kB	56 kB	34.120.237.76
tokens.uniswap.org	404844	2020-08-15T11:00:19Z	2023-03-28T16:59:50Z	371 B	1.4 kB	104.18.22.54
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T18:12:03Z	3.0 kB	8.0 kB	23.36.77.32
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T18:37:20Z	606 B	127 B	52.89.183.99
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-29T18:34:51Z	736 B	440 B	216.239.34.36
app.tryroll.com	305318	2019-05-29T03:07:10Z	2023-03-29T17:16:15Z	379 B	525 B	104.18.10.70
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T18:13:46Z	333 B	391 B	34.117.237.239
celo-org.github.io	unknown	2022-07-16T05:35:57Z	2023-03-28T17:00:17Z	406 B	4.5 kB	185.199.110.153
api.coinmarketcap.com	22085	2015-03-06T17:05:54Z	2023-03-28T22:04:17Z	3.7 kB	3.0 MB	54.230.111.40
extendedtokens.uniswap.org	unknown	2022-08-31T16:49:23Z	2023-03-28T16:59:50Z	379 B	1.4 kB	104.18.22.54
tokens.coingecko.com	143111	2020-11-25T11:43:42Z	2023-03-28T16:59:50Z	389 B	1.1 kB	104.21.74.223
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T18:24:36Z	413 B	5.9 kB	34.160.144.191
www.gemini.com	67446	2015-01-27T11:25:57Z	2023-03-28T16:59:50Z	1.8 kB	6.6 kB	54.230.111.117
api.uniswap.org	429987	2021-09-18T21:15:47Z	2023-03-28T16:59:51Z	1.0 kB	1.1 kB	54.230.111.83
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T18:14:38Z	782 B	2.4 kB	35.241.9.150
bridge.arbitrum.io	295578	2020-11-04T20:09:54Z	2023-03-28T16:59:50Z	4.5 kB	1.0 MB	76.76.21.164
ocsp.r2m01.amazontrust.com	unknown	2022-10-12T22:43:53Z	2023-03-29T21:37:48Z	1.8 kB	4.9 kB	54.230.80.227
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-29T18:12:02Z	686 B	1.4 kB	142.250.74.131
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-29T18:15:42Z	377 B	79 kB	142.250.74.40
static.optimism.io	292168	2021-07-07T18:53:36Z	2023-03-28T16:59:50Z	394 B	13 kB	185.199.110.153
tokenlist.arbitrum.io	unknown	2022-06-01T10:11:58Z	2023-03-28T16:59:51Z	403 B	687 B	172.67.4.52
xhp281.cn	unknown	2020-02-28T05:56:41Z	2023-03-23T14:03:37Z	9.3 kB	2.6 MB	185.199.111.153
raw.githubusercontent.com	35802	2014-03-01T08:08:08Z	2023-03-29T05:11:15Z	1.3 kB	14 kB	185.199.108.133
unsupportedtokens.uniswap.org	unknown	2022-08-31T16:50:07Z	2023-03-28T16:59:50Z	382 B	1.4 kB	104.18.22.54
xhp281.github.io	unknown	2020-02-28T05:56:41Z	2023-03-29T14:30:27Z	450 B	679 B	185.199.108.153

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-03-29	medium	xhp281.github.io/swap	Crypto/Wallet
2023-02-17	medium	xhp281.cn/swap	Crypto/Wallet

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-29	medium	xhp281.github.io/swap	Phishing
2023-03-29	medium	xhp281.cn/swap	Phishing
2023-03-29	medium	xhp281.cn/swap/	Phishing
2023-03-29	medium	xhp281.cn/swap/fonts/Inter-roman.var.woff2	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/4.3ee7f633.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/main.7d58a874.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/25.7a109de0.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/service-worker.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/1.25b95a2e.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/6.7570c0f4.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/0.d4248e7e.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/11.4db60d0b.chunk.js	Phishing
2023-03-29	medium	xhp281.cn/swap/static/js/5.2a551089.chunk.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8	223 kB	2023-03-29	2023-03-29
Pretty URL www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 23:56:14 Last Seen2023-03-29 23:56:14 Times Seen1 Hash 58729f8ae77e75db00a76b53594ee751 3347eb184ce4e5fe5d7e54d3c3a7affcf705b129 4ef38008cd8e3f1bfd48d6585b944c119c89d669b981e697ead6b50a04acced9 Loading...

	xhp281.cn/swap/static/js/25.7a109de0.chunk.js	44 kB	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/25.7a109de0.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-08-21 13:40:12 Times Seen19 Hash 879bfe1d8fdcb4241232ab3fc13f62e3 16db312dc98b7382014f9160ff2be8edc790e931 4b24611ec0da4d5a84ddd08b18848ab7337b6a3f27f32736cbe57f5aea98a47a Loading...

	xhp281.cn/swap/static/js/0.d4248e7e.chunk.js	9.6 kB	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/0.d4248e7e.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-08-21 13:40:12 Times Seen11 Hash a59c8a215db36ecfaa5597df10e7bc2d 3b14969dad585401fa3b8092d7cc30d1bdeec57a bcbe847abfb9de8f6cbfc0cb68a88d8e6ad2dfb3c7788891a1d30d7f63aeb72b Loading...

	xhp281.cn/swap/	5.5 kB	2023-03-11	2023-03-29
Pretty URL xhp281.cn/swap/ IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-03-29 23:56:14 Times Seen3 Hash 81fb58df1fdc9d3f05cc32913bf42e9c 58ffba3e959584f9d17d803bcea7c05410b32813 250aeee7d4fb325dae9a533dc752d77023f3af343b67dd9452c646cfb1fb2315 Loading...

	xhp281.cn/swap/static/js/main.7d58a874.chunk.js	1.5 MB	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/main.7d58a874.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-08-21 13:40:12 Times Seen11 Hash 066b122b0b0acb41036ba2aafa5cf4f7 a3453eae3e1a2a4018b7909ae01333ce499d55c0 39b59cbb0f90cb5c5e419eced61be02cb8932ad3a36b8c91d781150f8e8d90cd Loading...

	xhp281.cn/swap/static/js/1.25b95a2e.chunk.js	591 B	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/1.25b95a2e.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-08-21 13:40:12 Times Seen11 Hash 964047a4b97b99ac147d080e4ec6ec41 aa7283b228ff8a2a002389eda754d3fc0828b733 6a05d07a3979a0a14d51b89c1be3a28631cdda9d963baa4853f34e39a0849c83 Loading...

	xhp281.cn/swap/static/js/6.7570c0f4.chunk.js	34 kB	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/6.7570c0f4.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-08-21 13:40:12 Times Seen11 Hash d02a3626f8c04a755815f04325d51d83 83c02c9b91e7950a104cd716a0dd80693c0db939 7092725cf9508f9db4d15cf599ba57eb63f0cafe20d7ffebe30ce918d26f4421 Loading...

	xhp281.cn/swap/static/js/11.4db60d0b.chunk.js	40 kB	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/11.4db60d0b.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 15:51:02 Last Seen2023-08-21 13:40:12 Times Seen11 Hash 2267f588ccd1b41d0346d0795e41f017 f5bb0caf2243dfe9593a70644443564b1fd571af 30e23143997e13e7bb4ed35a97b90c5d589f431f183060d7512354e15edb1fd8 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 23:37:43 Times Seen36968679 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	xhp281.cn/swap/static/js/4.3ee7f633.chunk.js	4.8 MB	2023-03-11	2023-08-21
Pretty URL xhp281.cn/swap/static/js/4.3ee7f633.chunk.js IP 185.199.111.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 16:08:32 Last Seen2023-08-21 13:40:12 Times Seen11 Hash 576fe048596fd5e2044c655b886bf172 8f2bdf5f618470644aa10ec9ca0a848931bed5db aeb621474f427ee4f2212d7cbc7bc74ed6e450a7ae3cef00a1d53dc0e4ffefdd Loading...

HTTP Transactions (96)

URL IP Response Size

xhp281.github.io/swap

185.199.108.153

301 Moved Permanently

162 B

URL HTTP/2
xhp281.github.io/swap
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /swap HTTP/1.1
Host: xhp281.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: GitHub.com
content-type: text/html
permissions-policy: interest-cohort=()
location: https://xhp281.cn/swap
x-github-request-id: 4F00:EA41:CDF9D:D2889:6424563C
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:12 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1661-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102972.119936,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: fa276125aad12246a28bd9b3f90fd8e6a1148631
content-length: 162
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
93f633ce30c038eb581544323c5a971e
2f60526cb750c6babccc207f75fb5a8ae6f7598b
0ff6df80a892199848fb943af78541b66efc09a7ab70d4b169906fdbac1eabf8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FF6DF80A892199848FB943AF78541B66EFC09A7AB70D4B169906FDBAC1EABF8"
Last-Modified: Mon, 27 Mar 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6510
Expires: Wed, 29 Mar 2023 17:04:42 GMT
Date: Wed, 29 Mar 2023 15:16:12 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c83d39f350161ed2f5d20dcd68e47c92
2695a888e652cb314f8094cc6073c3364336d272
62e5cc6aea61c3c32acd964d4bbe143806416008181eebc4451a8f035b69a0bc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62E5CC6AEA61C3C32ACD964D4BBE143806416008181EEBC4451A8F035B69A0BC"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8463
Expires: Wed, 29 Mar 2023 17:37:15 GMT
Date: Wed, 29 Mar 2023 15:16:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Retry-After, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 29 Mar 2023 14:28:09 GMT
content-type: application/json
age: 2883
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5ad3eec59bebbf969f175627757507c1
b176af3a70db378c9e1f219bab24d9d446070d6f
704fa284035b4c9aa487331b516f5f11c324e204756ae2503bad2606ed34f25e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "704FA284035B4C9AA487331B516F5F11C324E204756AE2503BAD2606ED34F25E"
Last-Modified: Mon, 27 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15367
Expires: Wed, 29 Mar 2023 19:32:19 GMT
Date: Wed, 29 Mar 2023 15:16:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HaG0+vsmdj/+nKjVJd6GpKvY3slcOD8wBO7MthbPE/78iJAb0VBYrg9Z3LRtR1Y8/EWSHQMEJaDkshB+ACqDjQ==
x-amz-request-id: WVTRZ8AZDDN2GT6Q
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 29 Mar 2023 15:02:32 GMT
age: 820
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 29 Mar 2023 15:16:12 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, ETag, Alert, Last-Modified, Retry-After, Content-Length, Pragma, Backoff, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 29 Mar 2023 15:14:36 GMT
age: 96
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

xhp281.cn/swap

185.199.111.153

301 Moved Permanently

162 B

URL HTTP/2
xhp281.cn/swap
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /swap HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 301 Moved Permanently
server: GitHub.com
content-type: text/html
location: https://xhp281.cn/swap/
x-github-request-id: E016:03E8:D1D92:D66C1:6424563C
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:12 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102973.838065,VS0,VE120
vary: Accept-Encoding
x-fastly-request-id: 0f785a5948ff737f25b9fe01526b5b22fb92fe3f
content-length: 162
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
76a0aba3ddb470751c690f5a725159f2
8cb789e8e0dfa336270700ef1e607173f2aee6cd
e76de476654125a06994065d66e30c6fb6c354d0f67fd4e31a3f78679e2bfdcb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E76DE476654125A06994065D66E30C6FB6C354D0F67FD4E31A3F78679E2BFDCB"
Last-Modified: Mon, 27 Mar 2023 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2177
Expires: Wed, 29 Mar 2023 15:52:30 GMT
Date: Wed, 29 Mar 2023 15:16:13 GMT
Connection: keep-alive

xhp281.cn/swap/

185.199.111.153

200 OK

3.5 kB

URL HTTP/2
xhp281.cn/swap/
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7871), with no line terminators
Size
3.5 kB (3509 bytes)
Hash
1c4a678b83a4a237148e138a99daf1f0
8096e4d0c06ecc17535fd53426f1b26ca5990fbb
bde3528dc06ab3b7ed33fba0f878f46246183f9965508875beb0834339ca2c4b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/ HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-1ebf"
expires: Wed, 29 Mar 2023 13:35:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A006:3F92:1D53153:1E44E51:64243C65
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:13 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680102973.970643,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 9f3247bc481569269df9b6abc6ec603e9dc5bff5
content-length: 3509
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.89.183.99

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.89.183.99:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0knTloflcRACzcw3kr/tug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: m+N1gm+HrK7/FOft21qF5uoGKVA=

xhp281.cn/swap/fonts/Inter-roman.var.woff2

185.199.111.153

200 OK

228 kB

URL HTTP/2
xhp281.cn/swap/fonts/Inter-roman.var.woff2
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 227688, version 1.0\012- data
Size
228 kB (227688 bytes)
Hash
6718c2681ffa562474407218ac0b08ae
03d67f11d4c6bcdd6182f0bcebb26d11e8c13dd3
d2d2d11234d0d74c0ed3e9727ef07ac8422cbd5b356296b0f87f679c9f74ce83

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/fonts/Inter-roman.var.woff2 HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: "637cee32-37968"
expires: Wed, 29 Mar 2023 15:26:13 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: AD88:1FEE:C3CF3:C85B1:6424563D
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:13 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102973.174937,VS0,VE196
vary: Accept-Encoding
x-fastly-request-id: de96d9ede4e47a76e5ccd6c7abff1609b95977fc
content-length: 227688
X-Firefox-Spdy: h2

xhp281.cn/swap/static/css/4.92fd0fa6.chunk.css

185.199.111.153

200 OK

54 kB

URL HTTP/2
xhp281.cn/swap/static/css/4.92fd0fa6.chunk.css
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
54 kB (53560 bytes)
Hash
4dfe9575e6e72c0e76382d77ab40d7cd
6ba4f37020ac1cd84cc3921ce76632ec189a71fe
272c7428cd2ffea2396fc255b05f277b3060bdf80e92fdf8d4111a3e787259b9

HTTP Headers

GET /swap/static/css/4.92fd0fa6.chunk.css HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-5d7c9"
expires: Wed, 29 Mar 2023 15:26:13 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 95A6:EA41:CE063:D295B:6424563D
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:13 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102973.175474,VS0,VE217
vary: Accept-Encoding
x-fastly-request-id: d00d53842fffa19f92e8b4cad2bf654436e09fd7
content-length: 53560
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/4.3ee7f633.chunk.js

185.199.111.153

200 OK

1.4 MB

URL HTTP/2
xhp281.cn/swap/static/js/4.3ee7f633.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65462)
Size
1.4 MB (1416959 bytes)
Hash
7baac74dade00d8fe81b251b45633e05
3d86d09b45c38d3b60cba3250bc210d0f23fdb4e
b74129410c68279753146d5ff50712b88798d463b85033322993152584233a03

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/4.3ee7f633.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:47 GMT
access-control-allow-origin: *
etag: W/"637cee33-48ec60"
expires: Wed, 29 Mar 2023 15:26:13 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 386C:3636:CE034:D28FD:6424563D
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:13 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102973.175828,VS0,VE267
vary: Accept-Encoding
x-fastly-request-id: 271474b2990dc4a9048c8607d96eb008b872c630
content-length: 1416959
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/main.7d58a874.chunk.js

185.199.111.153

200 OK

364 kB

URL HTTP/2
xhp281.cn/swap/static/js/main.7d58a874.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
364 kB (363640 bytes)
Hash
cab4f8b37f2b1aae8873d104a4737b62
feedcb5c317e6512c26e2a7e1ac3fd5d853899f0
69b3df9a574d4f6e0e22b7396e5c45d5b8e45b50f7f2f0b0d8c44318a40d8b9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/main.7d58a874.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 15:43:47 GMT
access-control-allow-origin: *
etag: W/"637cee33-166d0a"
expires: Wed, 29 Mar 2023 15:26:13 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9EF6:B6F5:CDFC4:D2888:6424563D
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:13 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102973.176553,VS0,VE289
vary: Accept-Encoding
x-fastly-request-id: 7b45c4e43d49ffc5ed1f745c88c5d1f4ceaeb0b7
content-length: 363640
X-Firefox-Spdy: h2

xhp281.cn/swap/favicon.png

185.199.111.153

200 OK

2.7 kB

URL HTTP/2
xhp281.cn/swap/favicon.png
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Size
2.7 kB (2668 bytes)
Hash
e131d513b9331f61ff8849ba30fbd46d
844e7fe85719dd5c9af6ce5065b84dfdc71bec07
5a1e84a589476959d369ebd49d985edc282f2e3798b610f4c48dad3528801287

HTTP Headers

GET /swap/favicon.png HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: "637cee32-a6c"
expires: Wed, 29 Mar 2023 15:26:14 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: CAD2:8E09:D445A:D8DB9:6424563E
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:14 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102974.366042,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: 688dfa36e21efb4f88c74eba723fb004f9115960
content-length: 2668
X-Firefox-Spdy: h2

xhp281.cn/swap/images/512x512_App_Icon.png

185.199.111.153

200 OK

387 kB

URL HTTP/2
xhp281.cn/swap/images/512x512_App_Icon.png
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size
387 kB (386611 bytes)
Hash
87e1ff3cd8b01195164e4a54807468a0
c00846cd185ce838814895d9db4e10cfa5339996
814824e1f29a34016526c9a1005799fafd1c0cfdd2a456e7485743a83b37b949

HTTP Headers

GET /swap/images/512x512_App_Icon.png HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: "637cee32-5e633"
expires: Wed, 29 Mar 2023 15:26:14 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1DEE:A68E:CF92D:D421B:6424563E
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:14 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102974.365681,VS0,VE155
vary: Accept-Encoding
x-fastly-request-id: 2f174933a6f59a66f0819e566664313a2664338b
content-length: 386611
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8234
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:16:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8234
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:16:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8234
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:16:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8234
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:16:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8234
Expires: Wed, 29 Mar 2023 17:33:28 GMT
Date: Wed, 29 Mar 2023 15:16:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8745 bytes)
Hash
ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: FHONNj6M7I5oVTKAKYspq0ZAJMYohURXs5ufSL-r--zCSdjuSvrpSA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 49cdeca097624936e070b73619df7da8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 62677
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6049 bytes)
Hash
253f48aa7cbf667d52cb37fda10cdb1f
e29478b866f90402b48d2b516d01d60a863c9cf9
b4a73ab71250b9e4a3f95e28dbf50dd000e1f338c7c3ac9f3351c1f6d6d3bfff

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85885238-8732-476a-b37c-1eac5dbc3e90.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6049
x-amzn-requestid: 2d1a2a66-8b63-44f0-83ec-10628a5fcac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CgvBFFMGIAMFhCg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235ed3-2a90bf0365925acb3b348489;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:40:35 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: -XwoHom5AT8j5yHNvfnYQ-9xIqVpsyDffwFM0d_ESJicJvL8pTcABg==
via: 1.1 c28e01aa413e9ea602538ccda1511062.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:50:28 GMT
age: 62746
etag: "e29478b866f90402b48d2b516d01d60a863c9cf9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6722 bytes)
Hash
d0a85ec27ed4f7910e26b4ff023ab1fb
f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0
fc31409ba6db565d4861a35ee6f74b7436eea5e5169bc1283f63cf6dfdb03764

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67889522-c6ea-4b17-93f3-ac6e2b4777c1.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6722
x-amzn-requestid: a6de82bd-5b03-4ffd-90dd-9bd03331d123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GG2IAMFuzQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-7cb1c8187fe3d2b0283fb3a0;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: y5vKgCZTlgD6ji-loyjRA9cPpJWpdR7yDH60LL0bRa1b8DtG4WsX9g==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:51:37 GMT
age: 62677
etag: "f35a6c0c18a7c25a5f644ed9bebef0d38f8c6ac0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7605 bytes)
Hash
fd1bc71c7e9eed7c086d752ea8b4b992
02a74cf88501d65b3dfcceb5adc79fd93ce785ed
a9a423d347533322d4d3ba90ee5fca5ca32f8d540f744ea2621deeda46df89f3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d713593-a582-498a-b202-20cddce4f8c4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7605
x-amzn-requestid: b7628073-4eb3-4ef6-b7d0-0224e0a75601
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguY8GFPoAMFebQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235dd2-445041c74356c54053f772a1;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:36:18 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 2LLHDcPZsSP1XPxH7agC7FhVwQQXfrWq3CEOSz0mBTjGykXxNQIq9Q==
via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 536063cb28bfc05fcb7a78183dd89b72.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 21:56:00 GMT
age: 62414
etag: "02a74cf88501d65b3dfcceb5adc79fd93ce785ed"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8878 bytes)
Hash
d9b904645a97752fd0cd185af9f33b13
06b9705ae857def62553d8ef6c5380d656a94805
5c80b9c2ba29659bcf7be241a1e54343711882433668d4105ca668fc11e2ce6f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe33435-058f-4c07-8501-76bf9d99a4ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8878
x-amzn-requestid: c0674742-96aa-4fe9-bc66-f9c952d8a920
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CORKVFOPoAMFX8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641bfbdb-0555f3c75321ad1e42f06c8f;Sampled=0
x-amzn-remapped-date: Thu, 23 Mar 2023 07:12:27 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: zx44rtiZRjKKLeG1qM3ABJYWg1TWDF0t6W33AzJoucdH6G4DABBqMg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 42ef990e439ae115ff739f04e3945234.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:53:21 GMT
age: 58973
etag: "06b9705ae857def62553d8ef6c5380d656a94805"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11894 bytes)
Hash
ee9c83faa5fdb77ba988a41207800b0e
4ac4c600767de39c5134cb97f78fcb29a681ee18
9039f7232ada16ae6d8a447225a15ef949c705a6f9e7aa20b367d001cd88c94f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb43b8abf-1aec-420b-bc1c-ccfbe765332e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11894
x-amzn-requestid: 8b0857c4-1333-45b7-84de-cf3ea7a3240e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CdburGzXoAMF2Cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64220cc4-005cc42d48948a3e0ef56b08;Sampled=0
x-amzn-remapped-date: Mon, 27 Mar 2023 21:38:12 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: fw1M0poEZrxuB51jVwizwBuvn_JY1jaEFXGsRor3wj-OSCfU-lUuIQ==
via: 1.1 8591441a35c0af61913aec9af012bc38.cloudfront.net (CloudFront), 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 28 Mar 2023 22:06:08 GMT
age: 61806
etag: "4ac4c600767de39c5134cb97f78fcb29a681ee18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f6b3bb903e6f7394985c0ae662919208
ee3cb0fbd0017ed3a001ce195bc0cfa386979567
c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8

142.250.74.40

200 OK

78 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-KDP9B6W4H8
IP
142.250.74.40:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19390)
Size
78 kB (78233 bytes)
Hash
0645cd36f6ce8c1c6a3948f61d6557a5
e407a3f625dfc81d8c5692b1e46d823baf398e95
b82221bd07f3873717544737862236c70b8df3e9c9bfbfc7c843338af470a17c

HTTP Headers

GET /gtag/js?id=G-KDP9B6W4H8 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 29 Mar 2023 15:16:14 GMT
expires: Wed, 29 Mar 2023 15:16:14 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f6b3bb903e6f7394985c0ae662919208
ee3cb0fbd0017ed3a001ce195bc0cfa386979567
c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 29 Mar 2023 15:16:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

xhp281.cn/swap/static/js/25.7a109de0.chunk.js

185.199.111.153

200 OK

10 kB

URL HTTP/2
xhp281.cn/swap/static/js/25.7a109de0.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (43676)
Size
10 kB (10249 bytes)
Hash
5e7108f723e464e1596812373a8196ec
513e6f04fa4a7fb656537b890c1035979b859817
0f4dba603cb632e7073650e2ed574cc21b83f270edaa653cb34455effdeae022

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/25.7a109de0.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-aaca"
expires: Wed, 29 Mar 2023 15:26:14 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9020:26EA:D1E63:D6782:6424563E
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:14 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.725393,VS0,VE112
vary: Accept-Encoding
x-fastly-request-id: e999b51a169eecb6d48e72795d4f013d5a18b738
content-length: 10249
X-Firefox-Spdy: h2

xhp281.cn/swap/service-worker.js

185.199.111.153

200 OK

20 kB

URL HTTP/2
xhp281.cn/swap/service-worker.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65536), with no line terminators
Size
20 kB (20199 bytes)
Hash
66b3ba7066a48a921eaac975ebb5cc19
6970c30a116616f2a4da1652dd17bfdc949e9ac1
013659f4977d307d6b8807eb8e5d2a8033cacb6c8f62cb4e3d2940ab23b70f71

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/service-worker.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-144da"
expires: Wed, 29 Mar 2023 15:26:14 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: CB74:03E8:D1F1D:D6852:6424563E
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.925472,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: f9e2a530bfa005aa33b3568f51dddecdd449afae
content-length: 20199
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/1.25b95a2e.chunk.js

185.199.111.153

200 OK

366 B

URL HTTP/2
xhp281.cn/swap/static/js/1.25b95a2e.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (546)
Size
366 B (366 bytes)
Hash
7cff5207d5c83c2e4c7893ca246c2455
1164bcc03512262e0eba99fd679cd65414807b3b
7acadb17633c075df96d8c1816031d277cde41dca2210866c8384c7e62ecf091

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/1.25b95a2e.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-24f"
expires: Wed, 29 Mar 2023 15:26:15 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 799C:81DE:C751B:CBDC2:6424563F
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.000296,VS0,VE109
vary: Accept-Encoding
x-fastly-request-id: 32dc35ca12a1992e920a8ce0b1d829d8b2299ac2
content-length: 366
X-Firefox-Spdy: h2

xhp281.cn/swap/static/css/0.ec99b6b4.chunk.css

185.199.111.153

200 OK

215 B

URL HTTP/2
xhp281.cn/swap/static/css/0.ec99b6b4.chunk.css
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text
Size
215 B (215 bytes)
Hash
2cbf178da38ea6b95b7b14cab8190094
3f23bef546ac9951f8d3d83baad20e38ba275766
b5d02b9079047298c862ab19331da48264555eadb38a85ecbf9f49ffbbf3ad5b

HTTP Headers

GET /swap/static/css/0.ec99b6b4.chunk.css HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-113"
expires: Wed, 29 Mar 2023 15:26:15 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DEA8:EA41:CE186:D2A84:6424563F
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.996522,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: b675f20354bcce865df450fb7493defa5c7d1a5e
content-length: 215
X-Firefox-Spdy: h2

xhp281.cn/swap/static/css/6.d91ea986.chunk.css

185.199.111.153

200 OK

312 B

URL HTTP/2
xhp281.cn/swap/static/css/6.d91ea986.chunk.css
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (402)
Size
312 B (312 bytes)
Hash
4efe2bf090dacfa20e87b843b5cf3e94
9c98a7b2001c400b7950cc672f18cf214dfa39f2
6b5f99856e4ef9906d89752b45d542ab01d3086cca96f24cb5b64525515f2eb7

HTTP Headers

GET /swap/static/css/6.d91ea986.chunk.css HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-1c3"
expires: Wed, 29 Mar 2023 15:26:15 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6CFA:5D22:CDD6A:D264D:6424563F
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.001295,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 6b3db98399415f2393981b046131695d3e1c514f
content-length: 312
X-Firefox-Spdy: h2

xhp281.cn/swap/static/css/1.da6c4158.chunk.css

185.199.111.153

200 OK

88 B

URL HTTP/2
xhp281.cn/swap/static/css/1.da6c4158.chunk.css
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text
Size
88 B (88 bytes)
Hash
22e9aa43e8a46b13b347989cdd43d245
20f0be3bd7ebf3a2eba68943f96c7dc8fdf0b506
b9dde4d0187db79e5c7fcc7d75b489bf02f5cda1e776900017e40fb5a6db0f41

HTTP Headers

GET /swap/static/css/1.da6c4158.chunk.css HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: text/css; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: "637cee32-58"
expires: Wed, 29 Mar 2023 15:26:15 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 8F1E:81DE:C751B:CBDC0:6424563F
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.998618,VS0,VE118
vary: Accept-Encoding
x-fastly-request-id: 67bc094d6d1db51c572a1782bcf3864a6d7ae26e
content-length: 88
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/6.7570c0f4.chunk.js

185.199.111.153

200 OK

10 kB

URL HTTP/2
xhp281.cn/swap/static/js/6.7570c0f4.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (34491)
Size
10 kB (10246 bytes)
Hash
17133ff6d3ba6532e271ca039c62d839
f61f54c8b73ee418200ff978d67ddb960bcf3eba
c7f645e3a23e7d22abe81c55b9680f0661c5242fc1849edacc8e105979f35245

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/6.7570c0f4.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:47 GMT
access-control-allow-origin: *
etag: W/"637cee33-86e8"
expires: Wed, 29 Mar 2023 15:26:15 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: F99C:15F5:CE7E9:D30DA:6424563F
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.002225,VS0,VE116
vary: Accept-Encoding
x-fastly-request-id: 3847985b5a8df49d216a38871ea9cfb064f211b4
content-length: 10246
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/0.d4248e7e.chunk.js

185.199.111.153

200 OK

3.4 kB

URL HTTP/2
xhp281.cn/swap/static/js/0.d4248e7e.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (9535)
Size
3.4 kB (3433 bytes)
Hash
cae24bb22bee733c8065c1054a657262
1924e36ee2d90b3303032d0bdd158cbddc45dcf1
198d32e8607b24c2159ab086391b5252c72c31aec3ace71f1a23febc786b51b3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/0.d4248e7e.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMnNlc3Npb25JZCUyMiUzQTE2ODAxMDI5OTgxNDElN0Q=
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-256c"
expires: Wed, 29 Mar 2023 15:26:15 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: E6FA:B6F5:CE0DA:D29A7:6424563F
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.997380,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 1922e28776f9bf581d9f3699051030893393c49e
content-length: 3433
X-Firefox-Spdy: h2

celo-org.github.io/celo-token-list/celo.tokenlist.json

185.199.110.153

200 OK

3.7 kB

URL HTTP/2
celo-org.github.io/celo-token-list/celo.tokenlist.json
IP
185.199.110.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
3.7 kB (3702 bytes)
Hash
25d1eba1522d8e97c69701ae1d244c8c
90b4738c4e37a81df5df0ba6803a5485e77575fb
006d2ec2fa5c68cc3418e250e523fd2fc4ee4b071e6acf7621c04085ec85ea6b

HTTP Headers

GET /celo-token-list/celo.tokenlist.json HTTP/1.1
Host: celo-org.github.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
permissions-policy: interest-cohort=()
x-origin-cache: HIT
last-modified: Mon, 20 Mar 2023 16:36:27 GMT
access-control-allow-origin: *
strict-transport-security: max-age=31556952
etag: W/"64188b8b-4e50"
expires: Tue, 28 Mar 2023 23:27:01 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B3D6:3F92:178A651:184C351:6423756D
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 52
x-served-by: cache-bma1660-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1680102975.347081,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: 52a89e238d17d812322dca2c637a5c4843a67e8e
content-length: 3702
X-Firefox-Spdy: h2

static.optimism.io/optimism.tokenlist.json

185.199.110.153

200 OK

13 kB

URL HTTP/2
static.optimism.io/optimism.tokenlist.json
IP
185.199.110.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
13 kB (12731 bytes)
Hash
16df3588d5feb82070d7fc127793be1d
2299899dec28b9327a030715ac9e71cb979de36f
73665f89b374568c7a67121e5d32292dee654b9054ad5ffc429f6a9a09f1508e

HTTP Headers

GET /optimism.tokenlist.json HTTP/1.1
Host: static.optimism.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 28 Mar 2023 23:28:50 GMT
access-control-allow-origin: *
etag: W/"64237832-1ae6f"
expires: Tue, 28 Mar 2023 23:39:19 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: HIT
x-github-request-id: 2746:F08F:2D2E39F:2EAD8C5:64237940
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
age: 488
x-served-by: cache-bma1622-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1680102975.361379,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 382015d311d2ada89b28d28930b44b7e838da07b
content-length: 12731
X-Firefox-Spdy: h2

raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json

185.199.108.133

200 OK

3.8 kB

URL HTTP/2
raw.githubusercontent.com/compound-finance/token-list/master/compound.tokenlist.json
IP
185.199.108.133:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
3.8 kB (3844 bytes)
Hash
06a2a23189dc5281c3e2850dabde6250
badd1976ac9cbd7fa3e79569fdd5900a8d4d601a
6adb761bdd2c660777d60bf05e7d8eba9474527168d6147d1c1099f92db9196c

HTTP Headers

GET /compound-finance/token-list/master/compound.tokenlist.json HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"e0f4798cabc5703161b931b5d659e3f78169d6818f71ec1ffb7b58d0ff42feec"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 9402:8BAB:C5FDD:CBEF9:6424563F
content-encoding: gzip
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.283831,VS0,VE120
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: c7eee21c6da3b859552cb83c1453fc0b99807530
expires: Wed, 29 Mar 2023 15:21:15 GMT
source-age: 0
content-length: 3844
X-Firefox-Spdy: h2

raw.githubusercontent.com/SetProtocol/uniswap-tokenlist/main/set.tokenlist.json

185.199.108.133

200 OK

5.5 kB

URL HTTP/2
raw.githubusercontent.com/SetProtocol/uniswap-tokenlist/main/set.tokenlist.json
IP
185.199.108.133:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
5.5 kB (5481 bytes)
Hash
9dd84685ab9140b59f4577dd85940bf1
fa4b3a40c010a53f36744f79bc96b763da07f811
d8f24e11869aac13162f03d42da445bffdeb67df0d7b4938f7104a66d5d52102

HTTP Headers

GET /SetProtocol/uniswap-tokenlist/main/set.tokenlist.json HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"6e7178b01a4b37dbd71091ea76dd8894dd243b74dca596398dd60812fee73f6f"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: F5AA:6745:C7499:CD3C2:6424563F
content-encoding: gzip
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.286874,VS0,VE124
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 8e6c3384eab525fc361fc4a4a88e15e70a0c913e
expires: Wed, 29 Mar 2023 15:21:15 GMT
source-age: 0
content-length: 5481
X-Firefox-Spdy: h2

raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ba-sec-list.json

185.199.108.133

200 OK

2.5 kB

URL HTTP/2
raw.githubusercontent.com/The-Blockchain-Association/sec-notice-list/master/ba-sec-list.json
IP
185.199.108.133:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
2.5 kB (2513 bytes)
Hash
296e816aa38f6c2d69fa4afdcf6e8aab
c27d49c07948a625010bbe20f20bd5d00ff6d17e
65c365fa499e7ceba4d2bc711237133c5bd5fb900114147302e097c9d75ea0d1

HTTP Headers

GET /The-Blockchain-Association/sec-notice-list/master/ba-sec-list.json HTTP/1.1
Host: raw.githubusercontent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=300
content-security-policy: default-src 'none'; style-src 'unsafe-inline'; sandbox
content-type: text/plain; charset=utf-8
etag: W/"cd2dc15eb651e55c6ea6a8afe8994f65144c05370cc94561dc54b0bc0e83772c"
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block
x-github-request-id: 6FDE:9BB4:C593B:CB861:6424563F
content-encoding: gzip
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:15 GMT
via: 1.1 varnish
x-served-by: cache-bma1622-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102975.302763,VS0,VE109
vary: Authorization,Accept-Encoding,Origin
access-control-allow-origin: *
x-fastly-request-id: 9b9f86727f836b25d4a87ef749bd590e67631944
expires: Wed, 29 Mar 2023 15:21:15 GMT
source-age: 0
content-length: 2513
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
ae816c490bf103dad8a0d4668f0cb6c7
81832a42b386d4961eac38fa193b27c9722253c2
47161e61662f20002f767931aa2cfe7911366026194f097dead8626982e331bb

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134460
Date: Wed, 29 Mar 2023 15:16:15 GMT
Etag: "6423bc38-1d7"
Expires: Fri, 31 Mar 2023 04:37:15 GMT
Last-Modified: Wed, 29 Mar 2023 04:19:04 GMT
Server: ECAcc (dcb/7F67)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: n6p4kZizs8Xi-d-mjcId-AEcadIL1XoW_YftDPFRoDizN6Y9um1_5A==
Age: 1091

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Miss from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cvV6qP2bW6Klrz5vU3n3FkjjWVFY94z3IkSGAPg03tT3x2JH5DmJwA==
X-Firefox-Spdy: h2

www.gemini.com/uniswap/manifest.json

54.230.111.117

200 OK

4.1 kB

URL HTTP/2
www.gemini.com/uniswap/manifest.json
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text
Size
4.1 kB (4064 bytes)
Hash
aa4d72e49649cdc5a5c525fb55263535
6e8eca921737b2637df7542856c34107f301590e
20cd236efb6d4b93ea3e755e7dbeb577526be2fad25c6c2873bb703a7898de93

HTTP Headers

GET /uniswap/manifest.json HTTP/1.1
Host: www.gemini.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
content-length: 4064
accept-ranges: bytes
access-control-allow-origin: *
content-encoding: br
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-nf-request-id: 01GWN3R14J6XKNN8ATX3EX51J0
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
date: Wed, 29 Mar 2023 15:16:15 GMT
etag: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
x-cache: RefreshHit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1HHFD7j25kM3P6g-lvnT2vTY1IIiEQXRJlvEZ0pBFpmMv_LIitNnPw==
X-Firefox-Spdy: h2

region1.google-analytics.com/g/collect?v=2&tid=G-KDP9B6W4H8&gtm=45je33r0&_p=487514977&cid=708700506.1680102998&ul=en-us&sr=1280x1024&_s=1&sid=1680102998&sct=1&seg=0&dl=https%3A%2F%2Fxhp281.cn%2Fswap%2F&dt=Uniswap%20Interface&en=Not%20Installed&_fv=1&_nsi=1&_ss=1&_ee=1&ep.storage=none&ep.storeGac=false&ep.event_category=Service%20Worker&ep.non_interaction=true

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-KDP9B6W4H8&gtm=45je33r0&_p=487514977&cid=708700506.1680102998&ul=en-us&sr=1280x1024&_s=1&sid=1680102998&sct=1&seg=0&dl=https%3A%2F%2Fxhp281.cn%2Fswap%2F&dt=Uniswap%20Interface&en=Not%20Installed&_fv=1&_nsi=1&_ss=1&_ee=1&ep.storage=none&ep.storeGac=false&ep.event_category=Service%20Worker&ep.non_interaction=true
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-KDP9B6W4H8&gtm=45je33r0&_p=487514977&cid=708700506.1680102998&ul=en-us&sr=1280x1024&_s=1&sid=1680102998&sct=1&seg=0&dl=https%3A%2F%2Fxhp281.cn%2Fswap%2F&dt=Uniswap%20Interface&en=Not%20Installed&_fv=1&_nsi=1&_ss=1&_ee=1&ep.storage=none&ep.storeGac=false&ep.event_category=Service%20Worker&ep.non_interaction=true HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Connection: keep-alive
Referer: https://xhp281.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://xhp281.cn
date: Wed, 29 Mar 2023 15:16:15 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gemini.com/uniswap/manifest.json

54.230.111.117

304 Not Modified

0 B

URL HTTP/2
www.gemini.com/uniswap/manifest.json
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uniswap/manifest.json HTTP/1.1
Host: www.gemini.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
TE: trailers

HTTP/2 304 Not Modified
date: Wed, 29 Mar 2023 15:16:15 GMT
access-control-allow-origin: *
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-nf-request-id: 01GWN3R14J6XKNN8ATX3EX51J0
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
etag: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lK-1FNjVP98AOguWDVVf7WlAJ9JU0jLyhonAj5vLOuIHWWvtIZwK9Q==
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PgfvGPFXSBEzKEbB3rVLnnnCUKeat583re6FbNeypG5YLGP2fxSMLg==
X-Firefox-Spdy: h2

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bdfc031e136bfbb211a4d76e4154de0b
6b481bd4cf97f538df45b640021df41c3f16bb03
8eb62bc9d2346505aaadfcf471eac2caf2132e827a1fad80fdce2cb905e9719e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=144076
Date: Wed, 29 Mar 2023 15:16:15 GMT
Etag: "6423d577-1d7"
Expires: Fri, 31 Mar 2023 07:17:31 GMT
Last-Modified: Wed, 29 Mar 2023 06:06:47 GMT
Server: ECAcc (nya/7970)
X-Cache: Miss from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FsGMwY2JvPsVQR4c-dN56NdSGY9ujmvxVRrTIaSbot597UwbeaDzIw==
Age: 4244

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bdfc031e136bfbb211a4d76e4154de0b
6b481bd4cf97f538df45b640021df41c3f16bb03
8eb62bc9d2346505aaadfcf471eac2caf2132e827a1fad80fdce2cb905e9719e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=143684
Date: Wed, 29 Mar 2023 15:16:15 GMT
Etag: "6423d577-1d7"
Expires: Fri, 31 Mar 2023 07:10:59 GMT
Last-Modified: Wed, 29 Mar 2023 06:06:47 GMT
Server: ECAcc (nya/79E6)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: aKOq2JuM4kDI3NYT1c7FVPwsiWb31_3Cm9WXAn-_XIakfYRqx2G1Fw==
Age: 3852

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bdfc031e136bfbb211a4d76e4154de0b
6b481bd4cf97f538df45b640021df41c3f16bb03
8eb62bc9d2346505aaadfcf471eac2caf2132e827a1fad80fdce2cb905e9719e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 29 Mar 2023 15:16:15 GMT
Last-Modified: Wed, 29 Mar 2023 13:50:44 GMT
Server: ECAcc (nya/789C)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: q76BWbAFikag7blCs744SOT0JH0_fxNc1STz7w8HTjTM2IP1bUuxOw==
Age: 5132

ocsp.r2m01.amazontrust.com/

54.230.80.227

200 OK

471 B

URL HTTP/1.1
ocsp.r2m01.amazontrust.com/
IP
54.230.80.227:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
bdfc031e136bfbb211a4d76e4154de0b
6b481bd4cf97f538df45b640021df41c3f16bb03
8eb62bc9d2346505aaadfcf471eac2caf2132e827a1fad80fdce2cb905e9719e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 29 Mar 2023 15:16:15 GMT
Last-Modified: Wed, 29 Mar 2023 14:55:14 GMT
Server: ECAcc (nya/7958)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: qoSV6ovU11gA_BtM1ILDC2h36fqtWfC-mGZyv4fdlZUDHTi-HIo47A==
Age: 1261

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

565 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type
data
Size
565 B (565 bytes)
Hash
0d46a2ba83d77e16fc7fe28738a73c2e
9bab4f2b9097245b78fcfa826fe2a9eef704191c
51ca0d09524c5bb54d06252299061fc76b5b6fed1a87d282fc569e0b31c87e7a

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:15 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::vkq6f-1680102975336-094958e3558e
X-Firefox-Spdy: h2

www.gemini.com/uniswap/manifest.json

54.230.111.117

304 Not Modified

0 B

URL HTTP/2
www.gemini.com/uniswap/manifest.json
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uniswap/manifest.json HTTP/1.1
Host: www.gemini.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
TE: trailers

HTTP/2 304 Not Modified
date: Wed, 29 Mar 2023 15:16:16 GMT
access-control-allow-origin: *
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-nf-request-id: 01GWN3R14J6XKNN8ATX3EX51J0
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
etag: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vESklt-0eic9rdTB49CimXk49VymmfyC4mUluF_AcUXs6_ydfFdyNw==
age: 1
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bseecJ_ktggGlq92DLfii4jByPSJH2DGR5_kLTLfprswEwC_nb_VKg==
age: 1
X-Firefox-Spdy: h2

www.gemini.com/uniswap/manifest.json

54.230.111.117

304 Not Modified

0 B

URL HTTP/2
www.gemini.com/uniswap/manifest.json
IP
54.230.111.117:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /uniswap/manifest.json HTTP/1.1
Host: www.gemini.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
If-None-Match: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
TE: trailers

HTTP/2 304 Not Modified
date: Wed, 29 Mar 2023 15:16:16 GMT
access-control-allow-origin: *
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
x-nf-request-id: 01GWN3R14J6XKNN8ATX3EX51J0
x-xss-protection: 1; mode=block
cache-control: public, max-age=0, must-revalidate
etag: "83ba856ecabd2c1322a38d80a3ec3dfc-ssl"
x-cache: Hit from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JblaUSEqitmos7YXAYKyrGr5lwIZnf3DEN3BSyi-X6lWbu8HpKQuxA==
age: 1
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hlgi-s7x7K-anwvfhjptQVaLcggewt_GW8CCPXp6U8Q5mCSpbz_7VA==
age: 1
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

200 OK

0 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://xhp281.cn
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

200 OK

0 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0
TE: trailers

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://xhp281.cn
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

200 OK

0 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://xhp281.cn
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/11.4db60d0b.chunk.js

185.199.111.153

200 OK

6.8 kB

URL HTTP/2
xhp281.cn/swap/static/js/11.4db60d0b.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (39617)
Size
6.8 kB (6847 bytes)
Hash
851f8f26b2fa79a709aa91f4c6fc1e00
2477b85c30d90608839237725d7399f0dd0d197a
f132f7f5c04673575caa3ddc6b6636c4c2b3bac0ba4e6ad33dcc07685f3fc034

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/11.4db60d0b.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjgwMTAyOTk5MjYzJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY4MDEwMjk5ODE0MSU3RA==; _ga_KDP9B6W4H8=GS1.1.1680102998.1.1.1680102999.0.0.0; _ga=GA1.1.708700506.1680102998
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:46 GMT
access-control-allow-origin: *
etag: W/"637cee32-9aef"
expires: Wed, 29 Mar 2023 15:26:16 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9DA2:10426:CFCF7:D45FA:64245640
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102976.992739,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: f6a6f16e86aa403c562018c72046d5b51da81224
content-length: 6847
X-Firefox-Spdy: h2

xhp281.cn/swap/static/js/5.2a551089.chunk.js

185.199.111.153

200 OK

42 kB

URL HTTP/2
xhp281.cn/swap/static/js/5.2a551089.chunk.js
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65462)
Size
42 kB (41716 bytes)
Hash
7f72eb5c50c34b90e2a9e27d36a7270e
6bfc974691391d5c2ab22206bb5e8c9380953333
9d7fd1f70bf6fa63987b179fee2a027d55c27dde2e278a7a12b826da05ee2657

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /swap/static/js/5.2a551089.chunk.js HTTP/1.1
Host: xhp281.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://xhp281.cn/swap/
Cookie: AMP_0000000000=JTdCJTIyb3B0T3V0JTIyJTNBZmFsc2UlMkMlMjJkZXZpY2VJZCUyMiUzQSUyMmMxMWUxOGU5LTk1YWItNDZmMS1hNjY3LWRjZjlmZjU1MjVlZiUyMiUyQyUyMmxhc3RFdmVudFRpbWUlMjIlM0ExNjgwMTAyOTk5MjYzJTJDJTIyc2Vzc2lvbklkJTIyJTNBMTY4MDEwMjk5ODE0MSU3RA==; _ga_KDP9B6W4H8=GS1.1.1680102998.1.1.1680102999.0.0.0; _ga=GA1.1.708700506.1680102998
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Tue, 22 Nov 2022 15:43:47 GMT
access-control-allow-origin: *
etag: W/"637cee33-23d52"
expires: Wed, 29 Mar 2023 15:26:16 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9EF6:B6F5:CE17D:D2A59:64245640
accept-ranges: bytes
date: Wed, 29 Mar 2023 15:16:16 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1680102976.994488,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 0a017ef4161d6f03550e2434805da028943d0f0a
content-length: 41716
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

200 OK

0 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://xhp281.cn
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

200 OK

0 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Cache-Control: max-age=0

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-length: 0
access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://xhp281.cn
access-control-max-age: 86400
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

403 Forbidden

90 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
90 B (90 bytes)
Hash
77221fc14b85ed0fcbc3c23eac83d1a4
3da6f88380612c627ce3f144dd38f0e91c63a2bc
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

HTTP Headers

POST /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
content-type: application/json
Origin: https://xhp281.cn
Content-Length: 201
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: text/plain; charset=utf-8
content-length: 90
access-control-allow-origin: https://xhp281.cn
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

403 Forbidden

90 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
90 B (90 bytes)
Hash
77221fc14b85ed0fcbc3c23eac83d1a4
3da6f88380612c627ce3f144dd38f0e91c63a2bc
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

HTTP Headers

POST /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
content-type: application/json
Origin: https://xhp281.cn
Content-Length: 64
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: text/plain; charset=utf-8
content-length: 90
access-control-allow-origin: https://xhp281.cn
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

403 Forbidden

90 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
90 B (90 bytes)
Hash
77221fc14b85ed0fcbc3c23eac83d1a4
3da6f88380612c627ce3f144dd38f0e91c63a2bc
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

HTTP Headers

POST /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
content-type: application/json
Origin: https://xhp281.cn
Content-Length: 201
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: text/plain; charset=utf-8
content-length: 90
access-control-allow-origin: https://xhp281.cn
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

403 Forbidden

90 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
90 B (90 bytes)
Hash
77221fc14b85ed0fcbc3c23eac83d1a4
3da6f88380612c627ce3f144dd38f0e91c63a2bc
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

HTTP Headers

POST /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
content-type: application/json
Origin: https://xhp281.cn
Content-Length: 201
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: text/plain; charset=utf-8
content-length: 90
access-control-allow-origin: https://xhp281.cn
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2

mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1

54.162.189.170

403 Forbidden

90 B

URL HTTP/2
mainnet.infura.io/v3/099fc58e0de9451d80b18d7c74caa7c1
IP
54.162.189.170:0
ASN
#14618 AMAZON-AES

File type
JSON data\012- , ASCII text
Size
90 B (90 bytes)
Hash
77221fc14b85ed0fcbc3c23eac83d1a4
3da6f88380612c627ce3f144dd38f0e91c63a2bc
1264930ffa407937b1486ae664841287ada5961471c40f25e8a94d962c1d08c6

HTTP Headers

POST /v3/099fc58e0de9451d80b18d7c74caa7c1 HTTP/1.1
Host: mainnet.infura.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
content-type: application/json
Origin: https://xhp281.cn
Content-Length: 64
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 403 Forbidden
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: text/plain; charset=utf-8
content-length: 90
access-control-allow-origin: https://xhp281.cn
vary: Origin, Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

336 kB

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type
data
Size
336 kB (336255 bytes)
Hash
cb5d332b0dac7ab09e7769807e5a4049
05fe0b38c1eaa47f28b363d137225a7af492da2e
2e786ca449694cc3a2cf6b4f83c4d3077da5f05c47f34fb783646a85c42273ff

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:16 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::gfgjw-1680102976103-16a346f69bc8
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kRqtexO05lLbR7TZoJjJ1UbMdWu5EqcBnOlrTk6O36YgAxwiz7WT2A==
age: 1
X-Firefox-Spdy: h2

api.uniswap.org/v1/amplitude-proxy

54.230.111.83

409 Conflict

30 B

URL HTTP/2
api.uniswap.org/v1/amplitude-proxy
IP
54.230.111.83:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
504a341f40609478b7944e7027f9d2d8
1e788353409b8a5407bc5b17f6eff7bb89be6f81
d23cfc2d7fadc545782890757788e10a03f1530e6bc831da887eaf7adb67aed3

HTTP Headers

OPTIONS /v1/amplitude-proxy HTTP/1.1
Host: api.uniswap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-origin-application
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 409 Conflict
content-type: application/json
content-length: 30
date: Wed, 29 Mar 2023 15:16:16 GMT
x-amzn-requestid: db13c342-fb71-4f3d-a500-2b876cdeeec9
x-amzn-errortype: ForbiddenException
x-amz-apigw-id: CjJqHGj6iYcFi4w=
x-amzn-trace-id: Root=1-64245640-7d04ca6a40efdc7d7157aead
x-cache: Error from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Gir1awZfXKidwAUxLc-KPyyQBv9eFnv4duCHpJ6RYsw8sqdbmBhRTw==
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

336 kB

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type
data
Size
336 kB (336255 bytes)
Hash
cb5d332b0dac7ab09e7769807e5a4049
05fe0b38c1eaa47f28b363d137225a7af492da2e
2e786ca449694cc3a2cf6b4f83c4d3077da5f05c47f34fb783646a85c42273ff

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:16 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::zgf5r-1680102976399-2d28c6c28e46
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sah-LBaRToc4Bj9s1v6fsFN2qlWzMEuSkC8pVWWKGRm-xh53uk4PFg==
age: 1
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NBpCUxqpxQZXpu1PE3rJ9ERsZGYFXzoXik8Agi-uNPUw0donU4DXkQ==
age: 2
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3wXvR0NpTYUFCo_YSMaTmnFw2BFGfb_ggEysTU-fw4W2EDARS4ZQSw==
age: 2
X-Firefox-Spdy: h2

api.coinmarketcap.com/data-api/v3/uniswap/all.json

54.230.111.40

200 OK

336 kB

URL HTTP/2
api.coinmarketcap.com/data-api/v3/uniswap/all.json
IP
54.230.111.40:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
336 kB (336161 bytes)
Hash
0556bdc80548835c8bdaedfb87242e37
0919baa9d4f405188011937c625190cbe4395839
a8f3ae66135ebeed8e4ca3e81d68dd4a7e225653ae593aaf07fc1bf910060aa2

HTTP Headers

GET /data-api/v3/uniswap/all.json HTTP/1.1
Host: api.coinmarketcap.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 200 OK
content-type: application/json
content-length: 336161
date: Wed, 29 Mar 2023 15:16:15 GMT
server: Tengine
content-encoding: gzip
x-envoy-upstream-service-time: 77
x-request-id: 148f6a74-f350-40a5-bed0-7171a8041198
x-envoy-decorator-operation: cmc-gateway-service.cmc-backend.svc.cluster.local:9999/*
access-control-allow-credentials: true
access-control-allow-headers: origin,x-csrf-token,accept,DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,fvideo-id,x-request-id,authHeader,accept-language,cmc-captcha-token,Platform,security-id,x-se-bh,x-se-pd,x-se-rd,x-se-sd,x-se-gsd,x-se-gd,device-info,x-pwd-encryption,deviceModel,deviceId,deviceName
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, DELETE, PATCH
access-control-expose-headers: Authorization,x-cache,c-backend-cache
access-control-max-age: 600
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FhP72VzOatyvhEaHkoe-3yf2rQ3jp4YYkOcXenWHna05AwLXug08wA==
age: 2
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

336 kB

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type
data
Size
336 kB (336255 bytes)
Hash
cb5d332b0dac7ab09e7769807e5a4049
05fe0b38c1eaa47f28b363d137225a7af492da2e
2e786ca449694cc3a2cf6b4f83c4d3077da5f05c47f34fb783646a85c42273ff

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:16 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::4tkkl-1680102976447-08e9928f5d35
X-Firefox-Spdy: h2

api.uniswap.org/v1/amplitude-proxy

54.230.111.83

409 Conflict

30 B

URL HTTP/2
api.uniswap.org/v1/amplitude-proxy
IP
54.230.111.83:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
30 B (30 bytes)
Hash
504a341f40609478b7944e7027f9d2d8
1e788353409b8a5407bc5b17f6eff7bb89be6f81
d23cfc2d7fadc545782890757788e10a03f1530e6bc831da887eaf7adb67aed3

HTTP Headers

OPTIONS /v1/amplitude-proxy HTTP/1.1
Host: api.uniswap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-origin-application
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 409 Conflict
content-type: application/json
content-length: 30
date: Wed, 29 Mar 2023 15:16:17 GMT
x-amzn-requestid: db26f5de-a2c2-4639-be02-440da5c6a1e0
x-amzn-errortype: ForbiddenException
x-amz-apigw-id: CjJqWFkwiYcF8yA=
x-amzn-trace-id: Root=1-64245641-2c876542706811a4375427e1
x-cache: Error from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rvlaUbtgUPWHmzERzF3U-eUeHC59Q9szAGQyZAzrK6k74RWE6ahkrA==
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:16 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::gfgjw-1680102976038-8cb0fdf631dc
X-Firefox-Spdy: h2

tokens.uniswap.org/

104.18.22.54

200 OK

0 B

URL HTTP/2
tokens.uniswap.org/
IP
104.18.22.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: tokens.uniswap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=86400, stale-if-error=86400
etag: W/"QmZqeoEbaC6DskKZHVhEtvSMu9SU7nJmAoaSqj1ooyXGqh"
last-modified: Wed, 29 Mar 2023 15:16:16 GMT
set-cookie: __cflb=02DiuEkP8hw3gxppKvBYxa2eaW7UoqmRB1SvAfWefWX7i; SameSite=Lax; path=/; expires=Thu, 30-Mar-23 14:16:16 GMT; HttpOnly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipns/tokens.uniswap.org/
x-ipfs-root: QmZqeoEbaC6DskKZHVhEtvSMu9SU7nJmAoaSqj1ooyXGqh
x-ipfs-roots: QmZqeoEbaC6DskKZHVhEtvSMu9SU7nJmAoaSqj1ooyXGqh
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=co6Knz6%2F45SCIC0kMetnunjnx8SBGzQJSZ3Gwqf0mZ8h2tKJkT7ai%2B7RlHo%2Bvdy2SAqByWnPakWzJBshWNVpabD1E%2BiEX641Yv%2BSUx0LAtXfaRZj2E5GqJEFPP4dW00XzDvttA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af912ab8fb80b3d-OSL
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:17 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::qtxd7-1680102977030-a3a5e7d975d5
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:17 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::fx2fc-1680102977080-1dc9ee7711e2
X-Firefox-Spdy: h2

extendedtokens.uniswap.org/

104.18.22.54

200 OK

0 B

URL HTTP/2
extendedtokens.uniswap.org/
IP
104.18.22.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: extendedtokens.uniswap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:15 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=86400, stale-if-error=86400
etag: W/"QmUDDnoHytMFEWYhUnXFDe7qWmfoY7fE85EEqbQ4w5QG5J"
last-modified: Wed, 29 Mar 2023 15:16:15 GMT
set-cookie: __cflb=02DiuEkP8hw3gxppKvBYxa2eaW7UoqmRB1SvAfWefWX7i; SameSite=Lax; path=/; expires=Thu, 30-Mar-23 14:16:15 GMT; HttpOnly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipns/extendedtokens.uniswap.org/
x-ipfs-root: QmUDDnoHytMFEWYhUnXFDe7qWmfoY7fE85EEqbQ4w5QG5J
x-ipfs-roots: QmUDDnoHytMFEWYhUnXFDe7qWmfoY7fE85EEqbQ4w5QG5J
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wa3E7CcKmHmaLzFqV9VxGhnGufDIrRSoa40HzLo8%2FxqFEYU2roGov2nrwNoyM2x2ePbrvFDbbIgdR%2FYsWmUKWsLlucHXJfbc3jO5hFEfRYawbDVg9biBu2VF4B7AysQ5PIFie1CjB0Q%2B2S52"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af912ab8cb0b52d-OSL
X-Firefox-Spdy: h2

tokens.coingecko.com/uniswap/all.json

104.21.74.223

200 OK

0 B

URL HTTP/2
tokens.coingecko.com/uniswap/all.json
IP
104.21.74.223:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /uniswap/all.json HTTP/1.1
Host: tokens.coingecko.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: application/json; charset=UTF-8
x-amz-id-2: tQSNzV9ExqMLZw7xXZNH8YE0rZJ2JJc0N5PHx06gAfLoGsI8AQc14nH5yUJTiEQfceGPu/fQlu4=
x-amz-request-id: SEDRE1B4E41R9H8N
access-control-allow-origin: *
access-control-allow-methods: GET
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 29 Mar 2023 14:06:25 GMT
etag: W/"77f9fb3652f66e87b70d4a98f5222b68"
x-amz-server-side-encryption: AES256
x-amz-version-id: PR9Kfy_iQVSiJBiVRrcX.KUs4mZKI_q4
cache-control: max-age=1800
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=haiezQ%2F2Qez4c98rV7PefKEVx6twN8URaGCAtNJ6t38Cy5pePAsh5Trqpt5W9HFUEYjzvdfa51kIH5hVVs4apGULEklXNUa5UVbRGp3E6H%2FL4qdHHAJGMu9Aljy5hqk1%2Fw0Kjem34w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7af912ab8d090b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json

172.67.4.52

200 OK

0 B

URL HTTP/2
tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
IP
172.67.4.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /ArbTokenLists/arbed_arb_whitelist_era.json HTTP/1.1
Host: tokenlist.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Referer: https://xhp281.cn/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:16 GMT
content-type: application/json
x-amz-id-2: Nw9L8Vb1hv0KKMJ95gh/791/5biK2DaVlowZyBjNCMjmc/uEt/eXxU568YYCvOZGMBUP743jCmc=
x-amz-request-id: Z0J2JR7Q94TJYPRQ
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
last-modified: Wed, 29 Mar 2023 15:07:09 GMT
x-amz-version-id: aquYmqBKAC8cde4Qf9ivzJP3QLfFHzGU
etag: W/"8ae7cc3b5629eba670dd2cabff6d7521"
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: *
access-control-allow-origin: *
server: cloudflare
cf-ray: 7af912b01d44b518-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

api.coinbase.com/v2/exchange-rates?currency=ETH

104.18.4.43

200 OK

0 B

URL HTTP/2
api.coinbase.com/v2/exchange-rates?currency=ETH
IP
104.18.4.43:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v2/exchange-rates?currency=ETH HTTP/1.1
Host: api.coinbase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:15 GMT
content-type: application/json; charset=utf-8
access-control-allow-methods: GET, POST, PUT, DELETE
access-control-allow-origin: *
access-control-expose-headers: 
access-control-max-age: 7200
cache-control: max-age=30, public, s-maxage=30, stale-while-revalidate=30
content-disposition: attachment; filename=response.json
content-encoding: gzip
content-security-policy: default-src 'self' https://www.coinbase.com; child-src 'self' https://www.coinbase.com https://fast.wistia.net https://*.online-metrix.net https://*.wpstn.com https://netverify.com https://platform.twitter.com https://www.google.com/recaptcha/ https://recaptcha.net/recaptcha/ https://cdn.plaid.com/link/ https://*.doubleclick.net/ blob:; connect-src 'self' https://www.coinbase.com https://api.coinbase.com https://*.online-metrix.net https://api.cloudinary.com https://ott9.wpstn.com/live https://api.amplitude.com/ https://api2.amplitude.com/ https://d3907m2cqladbn.cloudfront.net/ https://exceptions.coinbase.com https://assets.coinbase.com/ https://sessions.coinbase.com/ https://dynamic-assets.coinbase.com/ https://events-service.coinbase.com/amp static.coinbase.com wss://ws.coinbase.com wss://ws.coinbase.com:443 https://www.coinbase.com/api; font-src 'self' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; img-src 'self' data: https://www.coinbase.com https://images.coinbase.com https://d3907m2cqladbn.cloudfront.net/ https://static-assets.coinbase.com/ https://dynamic-assets.coinbase.com/ https://exceptions.coinbase.com https://coinbase-uploads.s3.amazonaws.com https://s3.amazonaws.com/app-public/ https://maps.gstatic.com https://ssl.google-analytics.com https://www.google.com https://maps.googleapis.com https://csi.gstatic.com https://www.google-analytics.com https://res.cloudinary.com https://secure.gravatar.com https://i2.wp.com https://*.online-metrix.net https://assets.coinbase.com/ https://hexagon-analytics.com https://cb-brand.s3.amazonaws.com https://googleads.g.doubleclick.net https://stats.g.doubleclick.net/r/collect https://card.coinbase.com/ blob: static.coinbase.com https://www.facebook.com/tr; media-src 'self' https://www.coinbase.com blob:; object-src 'self' data: blob: https://www.coinbase.com https://cdn.siftscience.com https://*.online-metrix.net https://www.gstatic.com https://www.google.com/recaptcha/api/ https://recaptcha.net/recaptcha/; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://www.coinbase.com https://fast.wistia.com/assets/external/E-v1.js https://cdn.siftscience.com https://*.google-analytics.com https://www.google.com https://www.gstatic.com https://*.online-metrix.net https://code.jquery.com https://chart.googleapis.com https://maps.googleapis.com https://maps.gstatic.com https://netverify.com https://ajax.cloudflare.com https://cdn.plaid.com/link/v2/stable/ https://www.googletagmanager.com/gtag/js https://www.googletagmanager.com/gtm.js https://www.googleadservices.com https://googleads.g.doubleclick.net https://recaptcha.net https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; style-src 'self' 'unsafe-inline' https://www.coinbase.com https://assets.coinbase.com/ https://card.coinbase.com/ static.coinbase.com; report-uri /csp-report
etag: W/"dfe3305b3535d64f2485210fd163353c"
expect-ct: enforce, max-age=86400, report-uri="https://coinbase.report-uri.io/r/default/ct/reportOnly"
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
trace-id: 1049982613470380560
vary: Origin,Accept-Encoding
x-content-type-options: nosniff
x-download-options: noopen
x-frame-options: DENY
x-permitted-cross-domain-policies: none
x-powered-by: Proof-of-Work
x-request-id: 85d370d9-f3b4-4b01-aa24-81f944b1ddec
x-xss-protection: 1; mode=block
cf-cache-status: BYPASS
set-cookie: cb_dm=d4a0495e-fad8-429e-83d7-eae00ef2afd5; Path=/; Domain=coinbase.com; Expires=Tue, 29 Mar 2033 15:16:15 GMT; HttpOnly; Secure
__cf_bm=QpIIVc9GLWbB.WocSRvNjXLubQjjD_o_pXxgZieIn20-1680102975-0-ASoYqZ+u5nR74Qr+LdTw4RSV1lg1cUemLevRrYXeCPRdyppBJI7THUDpXncPb0qhCiouTheuOMh6LdPapAg8oxs=; path=/; expires=Wed, 29-Mar-23 15:46:15 GMT; domain=.coinbase.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 7af912abdad4b4f1-OSL
X-Firefox-Spdy: h2

unsupportedtokens.uniswap.org/

104.18.22.54

200 OK

0 B

URL HTTP/2
unsupportedtokens.uniswap.org/
IP
104.18.22.54:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET / HTTP/1.1
Host: unsupportedtokens.uniswap.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:15 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=60, stale-while-revalidate=86400, stale-if-error=86400
etag: W/"Qmc1i8ca92VKLaoP7pLs3Er3LFKbH632Ur7BcABK8bxfRw"
last-modified: Wed, 29 Mar 2023 15:16:15 GMT
set-cookie: __cflb=02DiuEkP8hw3gxppKvBYxa2eaW7UoqmRB1SvAfWefWX7i; SameSite=Lax; path=/; expires=Thu, 30-Mar-23 14:16:15 GMT; HttpOnly
vary: Accept-Encoding
cf-cache-status: DYNAMIC
access-control-allow-headers: Content-Type, Range, User-Agent, X-Requested-With
access-control-allow-methods: GET
access-control-expose-headers: Content-Length, Content-Range, X-Chunked-Output, X-Ipfs-Path, X-Ipfs-Roots, X-Stream-Output
x-cf-ipfs-cache-status: miss
x-ipfs-path: /ipns/unsupportedtokens.uniswap.org/
x-ipfs-root: Qmc1i8ca92VKLaoP7pLs3Er3LFKbH632Ur7BcABK8bxfRw
x-ipfs-roots: Qmc1i8ca92VKLaoP7pLs3Er3LFKbH632Ur7BcABK8bxfRw
content-encoding: gzip
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHyzCjuKYQ7MJP6Pu2SsJfbpWY3stUh9DWtiaky3v5QaVhJefDtHLfVXljBY%2BL14P3Yx%2B3mC8SVLytOqSZ7DHL7p0YYDulXrVy%2BxMEg1CE0INyHeTQM2XdQqWv0VrseCGbO1tc4GUFIYjaQLjV%2BF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 7af912ab99c0b51e-OSL
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:16 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::44zdv-1680102976990-ff2f7335481a
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:17 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::rmsp8-1680102977008-a124aa6585f7
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://xhp281.cn
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Referer: https://xhp281.cn/
Connection: keep-alive
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:17 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::qtxd7-1680102977053-0de99fdedd28
X-Firefox-Spdy: h2

app.tryroll.com/tokens.json

104.18.10.70

200 OK

0 B

URL HTTP/2
app.tryroll.com/tokens.json
IP
104.18.10.70:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /tokens.json HTTP/1.1
Host: app.tryroll.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Wed, 29 Mar 2023 15:16:15 GMT
content-type: application/json; charset=utf-8
cf-ray: 7af912ab9dbe0b69-OSL
access-control-allow-origin: *
cache-control: public, max-age=14400
etag: W/"3ebf-Z7wm5a51+80jZPu03IujC6jLID4"
expires: Wed, 29 Mar 2023 19:16:15 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
cf-cache-status: HIT
access-control-expose-headers: Authorization
x-powered-by: Express
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

bridge.arbitrum.io/token-list-42161.json

76.76.21.164

308 Permanent Redirect

0 B

URL HTTP/2
bridge.arbitrum.io/token-list-42161.json
IP
76.76.21.164:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /token-list-42161.json HTTP/1.1
Host: bridge.arbitrum.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://xhp281.cn/
Origin: https://xhp281.cn
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 308 Permanent Redirect
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-type: text/plain
date: Wed, 29 Mar 2023 15:16:15 GMT
location: https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
referrer-policy: origin-when-cross-origin
refresh: 0;url=https://tokenlist.arbitrum.io/ArbTokenLists/arbed_arb_whitelist_era.json
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: arn1::cj6p8-1680102975922-64142f67ebab
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML