tracking-protection.cdn.mozilla.net/ads-track-digest256/1684337778
34.120.158.37 56 kB URL tracking-protection.cdn.mozilla.net/ads-track-digest256/1684337778
IP 34.120.158.37:0
Hash e82f812913b6a06c608d7bb688e184b4
ea5db373525ee7dfa0abaf0befb2dae54e62b699
46fb1d72ca8047216ad4c5349f791a385049e1025042a3fbca56a7bf94ff2e89
GET /ads-track-digest256/1684337778 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: uJ6ZIMoE839Ys4+Yj3C+jbRbfVECZh0707onUtGlk5hdextGhsb3bh02VJkX5lXH4Bx+uTOOAnY=
x-amz-request-id: GNCXKCX6NQ2XPRDM
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 56534
via: 1.1 google
date: Wed, 31 May 2023 15:37:05 GMT
age: 35283
last-modified: Wed, 17 May 2023 15:36:30 GMT
etag: "e82f812913b6a06c608d7bb688e184b4"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
34.120.158.37 10 kB URL tracking-protection.cdn.mozilla.net/analytics-track-digest256/1683905755
IP 34.120.158.37:0
Hash feffee93ee53bd6b02687bb9d9a11425
f9fab28225d6eb2ed2e72ce675d5d5b624383658
3b09c3bc75d40a2dc370d7a9e88433d74de203f31056900b995b497950f2d672
GET /analytics-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: wT+mc42/laywQeKz+wF6+D9ftagqcE/RtlpvIcSD4UlepUDKaNTboaseMLJqoQxGiUzPmgu/Kr4=
x-amz-request-id: EA7724VDTEGQ54EA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 10486
via: 1.1 google
date: Wed, 31 May 2023 15:36:46 GMT
age: 35302
last-modified: Fri, 12 May 2023 15:36:10 GMT
etag: "feffee93ee53bd6b02687bb9d9a11425"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/recover
174.136.228.135 200 OK 0 B URL User Request GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/recover
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /recover HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Jun 2023 01:25:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Set-Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io; expires=Thu, 01-Jun-2023 03:25:08 GMT; Max-Age=7200; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://founeedapaidomainamenomainamengedinetworked.work.gd/
tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
34.120.158.37 15 kB URL tracking-protection.cdn.mozilla.net/content-track-digest256/1683905755
IP 34.120.158.37:0
Hash adff9f8518019ddb5b72e09fa471bd56
2a5cf28dcda107605da2bb4f6e56a07e514a927f
900f414ea63bb7f4e5a33041d77112c309aa8dfebd93681895c596d948ed12bf
GET /content-track-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: i/Ud7V7OlbaJWvAmKuf4WUnvlgmFEyWVOVzuWRZyo2RndALHx9vllvVaThREUG8hBxWsasULpX8=
x-amz-request-id: GNCVBFDZWNYXVZYA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 15350
via: 1.1 google
date: Wed, 31 May 2023 15:37:05 GMT
age: 35283
last-modified: Fri, 12 May 2023 15:36:06 GMT
etag: "adff9f8518019ddb5b72e09fa471bd56"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
34.120.158.37 1.5 MB URL tracking-protection.cdn.mozilla.net/google-trackwhite-digest256/1683905755
IP 34.120.158.37:0
Size 1.5 MB (1476920 bytes)
Hash 501d3f65be5457b0986a2f0b880e88f2
0df631bbe10a12e255c8d323fed084f51ffb842d
e3acbced9ab46ff7a41311445b2bd1f6f70f8716d35131670528417d2c9a6627
GET /google-trackwhite-digest256/1683905755 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: zeomrkpP6+0WsAVu50PLaOJHtcQ1wsSgOo0Md30u1LY226GMa4El5hnDcR74uRV2HFu/gjAUO9A=
x-amz-request-id: T70G5DF1P5EQD5ZA
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
via: 1.1 google
date: Wed, 31 May 2023 15:36:58 GMT
age: 35290
last-modified: Fri, 12 May 2023 15:36:17 GMT
etag: "501d3f65be5457b0986a2f0b880e88f2"
content-type: application/octet-stream
content-length: 1476920
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1684337778
34.120.158.37 346 kB URL tracking-protection.cdn.mozilla.net/mozstd-trackwhite-digest256/1684337778
IP 34.120.158.37:0
Size 346 kB (345943 bytes)
Hash dc048d310df250632824a0ef784c0503
349ed5134df1bb49ba48bab8498c932655795279
a217142987da561fafd04a5f77dcab5860687e0089002eec43cd8bd619b9870a
GET /mozstd-trackwhite-digest256/1684337778 HTTP/1.1
Host: tracking-protection.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
x-amz-id-2: k893AxateR7sUqZdt0QLyIIEt3QfpoRUhDChE8JXypuA+cSIDO+XpD4N5OJ/pL6dDlpnWvE6dHE=
x-amz-request-id: Z62MZJB5T8XGJ490
x-amz-server-side-encryption: AES256
accept-ranges: bytes
server: AmazonS3
content-length: 345943
via: 1.1 google
date: Wed, 31 May 2023 15:37:06 GMT
age: 35282
last-modified: Wed, 17 May 2023 15:36:35 GMT
etag: "dc048d310df250632824a0ef784c0503"
content-type: application/octet-stream
cache-control: public,max-age=86400
alt-svc: clear
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/
174.136.228.135 0 B URL founeedapaidomainamenomainamengedinetworked.work.gd/
IP 174.136.228.135:0
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET / HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Server: nginx
Date: Thu, 01 Jun 2023 01:25:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
founeedapaidomainamenomainamengedinetworked.work.gd/authen
174.136.228.135 5.8 kB URL founeedapaidomainamenomainamengedinetworked.work.gd/authen
IP 174.136.228.135:0
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (523)
Hash 37638df65df379f1822fa3f31e66cfe3
6138dfb376f559d83ac0f71056321b71d33fe121
4d3986504c99ca52a86aa714cf01eb0013b5e5c8eaaa0ef14d9233c472ae8fb3
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /authen HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:08 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5824
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
founeedapaidomainamenomainamengedinetworked.work.gd/meta/normalize.css
174.136.228.135 200 OK 2.7 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/normalize.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/normalize.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d05a-1e5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash 582908ff8bc13bc9b5422491129d8b0e
8deb8d1987e09761ca90108160cc262f1ee8dffa
daa1cabdc684ac8d98c86cd6aa983b52bb982052a8a7b6632f565a606c85a8b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.css
174.136.228.135 200 OK 9.3 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash 13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/webflow.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d066-98c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/plx.chock.js
174.136.228.135 200 OK 311 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/plx.chock.js
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/plx.chock.js HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: application/javascript
Last-Modified: Sun, 28 May 2023 22:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d05b-d41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
174.136.228.135 200 OK 684 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/css.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Sun, 28 May 2023 22:06:04 GMT
Connection: keep-alive
ETag: "6473d04c-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
174.136.228.135 200 OK 18 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d058-22adb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/enterprise.js.download
174.136.228.135 200 OK 614 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/enterprise.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (1008), with no line terminators
Hash d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/enterprise.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:05 GMT
ETag: "3f0-5fcc82d350391-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/webfont.js.download
174.136.228.135 200 OK 5.4 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/webfont.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/webfont.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: application/javascript
Content-Length: 5415
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:32 GMT
ETag: "3384-5fcc82ed0b2bc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/js
174.136.228.135 200 OK 35 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/js
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (1815)
Hash fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/js HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Length: 35327
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:14 GMT
ETag: "168a5-5fcc82db7ef5d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
174.136.228.135 200 OK 684 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/css.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Sun, 28 May 2023 22:06:04 GMT
Connection: keep-alive
ETag: "6473d04c-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
founeedapaidomainamenomainamengedinetworked.work.gd/meta/storage.secure.min.js.download
174.136.228.135 200 OK 13 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/storage.secure.min.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (38562), with no line terminators
Hash 3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/storage.secure.min.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: application/javascript
Content-Length: 13194
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:24 GMT
ETag: "96a2-5fcc82e546e12-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227 200 OK 8.4 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0; data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 07:46:50 GMT
expires: Fri, 24 May 2024 07:46:50 GMT
cache-control: public, max-age=31536000
age: 581899
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227 200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:19:20 GMT
expires: Fri, 24 May 2024 06:19:20 GMT
cache-control: public, max-age=31536000
age: 587149
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
founeedapaidomainamenomainamengedinetworked.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
174.136.228.135 200 OK 31 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: application/javascript
Content-Length: 30910
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:13 GMT
ETag: "15d84-5fcc82da522d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/jsonp
174.136.228.135 200 OK 87 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/jsonp
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/jsonp HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:15 GMT
ETag: "43f6e-5fcc82dcba644-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131 472 B IP 142.250.74.131:0
Hash fd0c5fcd552e140b1496b4697b18a3a4
264e38a9d130f40f54539a52cba317d16aea03ef
a7ed4a9f0a8b37cf7bcf3a12317f70c607fa56aac6a980a6fda121b2c30d5151
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Jun 2023 01:25:09 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.js.download
174.136.228.135 200 OK 147 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Unicode text, UTF-8 text, with very long lines (50020)
Size 147 kB (147184 bytes)
Hash 9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/webflow.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:33 GMT
ETag: "92c10-5fcc82ee36003-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/wpp.gif
174.136.228.135 3.9 kB URL founeedapaidomainamenomainamengedinetworked.work.gd/meta/wpp.gif
IP 174.136.228.135:0
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type GIF image data, version 87a, 470 x 40\012- data
Hash 941648b845842a709da73e24652cf8a4
099e5f97e602d026c51537c9b45328dc99261d7c
2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/wpp.gif HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: image/gif
Content-Length: 3877
Last-Modified: Sun, 28 May 2023 22:06:33 GMT
Connection: keep-alive
ETag: "6473d069-f25"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
founeedapaidomainamenomainamengedinetworked.work.gd/meta/mm-logo.svg
174.136.228.135 200 OK 3.4 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/mm-logo.svg
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/mm-logo.svg HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:09 GMT
Content-Type: image/svg+xml
Last-Modified: Sun, 28 May 2023 22:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d05a-2ef3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/EuclidCircularB-Regular-WebXL.woff2
174.136.228.135 200 OK 45 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/EuclidCircularB-Regular-WebXL.woff2
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Length: 45196
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:09 GMT
ETag: "b08c-5fcc82d6dc6e4"
Accept-Ranges: bytes
Vary: Accept-Encoding
founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
174.136.228.135 200 OK 4.1 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/bframe.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Type: text/html
Last-Modified: Sun, 28 May 2023 22:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d04a-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/EuclidCircularB-Bold-WebXL.woff2
174.136.228.135 200 OK 44 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/EuclidCircularB-Bold-WebXL.woff2
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Length: 44544
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:07 GMT
ETag: "ae00-5fcc82d56667c"
Accept-Ranges: bytes
Vary: Accept-Encoding
founeedapaidomainamenomainamengedinetworked.work.gd/meta/hero2.4.png
174.136.228.135 590 kB URL founeedapaidomainamenomainamengedinetworked.work.gd/meta/hero2.4.png
IP 174.136.228.135:0
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (589568 bytes)
Hash d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/hero2.4.png HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Type: image/png
Content-Length: 589568
Last-Modified: Sun, 28 May 2023 22:06:10 GMT
Connection: keep-alive
ETag: "6473d052-8ff00"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
founeedapaidomainamenomainamengedinetworked.work.gd/meta/styles__ltr.css
174.136.228.135 200 OK 24 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/styles__ltr.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (52368), with no line terminators
Hash 97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Analyzer Verdict Alert
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/styles__ltr.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d062-cc90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106 200 OK 897 B URL GET HTTP/3 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ebebecd890788101998fbfd81718d353
987ba7d3dd33a8283a93495edd3d2407ea140356
0d62a7f121b833b78ef6282cff6646d618fa037c77f016c89dd26fcb60897964
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 01:25:09 GMT
date: Thu, 01 Jun 2023 01:25:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/metamask.io/images/webclip.png
174.136.228.135 557 B URL founeedapaidomainamenomainamengedinetworked.work.gd/metamask.io/images/webclip.png
IP 174.136.228.135:0
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /metamask.io/images/webclip.png HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/authen
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/recaptcha__nl.js.download
174.136.228.135 200 OK 138 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/recaptcha__nl.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (820)
Size 138 kB (137504 bytes)
Hash e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b
Analyzer Verdict Alert
urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:10 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:22 GMT
ETag: "56577-5fcc82e2e7745-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
142.250.74.35 404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP 142.250.74.35:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0
GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 01:25:10 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.35 200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.35:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 00:56:35 GMT
expires: Thu, 08 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 1715
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.35 530 B URL www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.35:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 16:14:42 GMT
expires: Tue, 06 Jun 2023 16:14:42 GMT
cache-control: public, max-age=604800
age: 119428
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.35 600 B URL www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.35:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 20:49:22 GMT
expires: Wed, 07 Jun 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 16548
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/recover
174.136.228.135 200 OK 5.7 kB URL User Request GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/recover
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (471)
Hash d34161e20a0c54ea8a64ca035542edd4
3ac3a1f7c84ea61e4b948494e0d17dbec14689b3
0d067464a6eb48590e843d075b188b0557ac79a1709bf7cd920fccca0dca2e6f
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /recover HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:20 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5700
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/normalize.css
174.136.228.135 200 OK 2.7 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/normalize.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/normalize.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:20 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d05a-1e5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.css
174.136.228.135 200 OK 9.3 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash 13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/webflow.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:20 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:30 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d066-98c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/plx.chock.js
174.136.228.135 200 OK 311 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/plx.chock.js
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/plx.chock.js HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:20 GMT
Content-Type: application/javascript
Last-Modified: Sun, 28 May 2023 22:06:19 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d05b-d41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
174.136.228.135 200 OK 684 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/css.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:20 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Sun, 28 May 2023 22:06:04 GMT
Connection: keep-alive
ETag: "6473d04c-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
founeedapaidomainamenomainamengedinetworked.work.gd/meta/webfont.js.download
174.136.228.135 200 OK 5.4 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/webfont.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (2134)
Hash 7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/webfont.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: application/javascript
Content-Length: 5415
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:32 GMT
ETag: "3384-5fcc82ed0b2bc-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
174.136.228.135 200 OK 18 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash d4ede0f1d47b3b9aac92ea8a29c2ec85
135c44809f03ce1360c7e74da033e4b4f5cfb87c
98489ee303fa850e7c3185248b30d64dfb6c7c55aa8726a98efb037525988e5a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:20 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:16 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d058-22adb"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/enterprise.js.download
174.136.228.135 200 OK 614 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/enterprise.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (1008), with no line terminators
Hash d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/enterprise.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:05 GMT
ETag: "3f0-5fcc82d350391-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/storage.secure.min.js.download
174.136.228.135 200 OK 13 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/storage.secure.min.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (38562), with no line terminators
Hash 3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/storage.secure.min.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: application/javascript
Content-Length: 13194
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:24 GMT
ETag: "96a2-5fcc82e546e12-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
174.136.228.135 200 OK 684 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/css.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/css.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: text/html
Content-Length: 684
Last-Modified: Sun, 28 May 2023 22:06:04 GMT
Connection: keep-alive
ETag: "6473d04c-2ac"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
founeedapaidomainamenomainamengedinetworked.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
174.136.228.135 200 OK 31 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: application/javascript
Content-Length: 30910
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:13 GMT
ETag: "15d84-5fcc82da522d7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227 200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 06:19:20 GMT
expires: Fri, 24 May 2024 06:19:20 GMT
cache-control: public, max-age=31536000
age: 587161
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227 200 OK 8.4 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 25 May 2023 07:46:50 GMT
expires: Fri, 24 May 2024 07:46:50 GMT
cache-control: public, max-age=31536000
age: 581911
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/meta/jsonp
174.136.228.135 200 OK 87 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/jsonp
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (65536), with no line terminators
Hash 7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/jsonp HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:15 GMT
ETag: "43f6e-5fcc82dcba644-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.js.download
174.136.228.135 200 OK 147 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/webflow.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Unicode text, UTF-8 text, with very long lines (50020)
Size 147 kB (147184 bytes)
Hash 9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/webflow.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:33 GMT
ETag: "92c10-5fcc82ee36003-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227 128 kB URL GET fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:0
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 00:16:42 GMT
expires: Thu, 30 May 2024 00:16:42 GMT
cache-control: public, max-age=31536000
age: 90519
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
founeedapaidomainamenomainamengedinetworked.work.gd/meta/js
174.136.228.135 200 OK 35 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/js
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (1815)
Hash fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/js HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Length: 35327
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:14 GMT
ETag: "168a5-5fcc82db7ef5d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/mm-logo.svg
174.136.228.135 200 OK 3.4 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/mm-logo.svg
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/mm-logo.svg HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: image/svg+xml
Last-Modified: Sun, 28 May 2023 22:06:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d05a-2ef3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/EuclidCircularB-Regular-WebXL.woff2
174.136.228.135 200 OK 45 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/EuclidCircularB-Regular-WebXL.woff2
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Length: 45196
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:09 GMT
ETag: "b08c-5fcc82d6dc6e4"
Accept-Ranges: bytes
Vary: Accept-Encoding
fonts.googleapis.com/css?family=Changa+One:400,400italic
142.250.74.106 200 OK 45 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Changa+One:400,400italic
IP 142.250.74.106:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Hash e8ee7f57f0b43435ec9f63d8043acb5f
c2fed0a44af70be0262ed346c31f4786e61b8e60
647595d8fd0ebceb3517f4e8da635cb43a1ab954bb0f7e17e9438b18b9a71c63
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 01:25:20 GMT
date: Thu, 01 Jun 2023 01:25:20 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
174.136.228.135 200 OK 4.1 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/bframe.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: text/html
Last-Modified: Sun, 28 May 2023 22:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d04a-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
fonts.googleapis.com/css?family=Changa+One:400,400italic
142.250.74.106 200 OK 290 kB URL GET HTTP/3 fonts.googleapis.com/css?family=Changa+One:400,400italic
IP 142.250.74.106:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject upload.video.google.com
Fingerprint 5F:AC:74:E6:97:66:CD:D0:F1:EA:0D:01:37:89:65:2E:98:22:84:6C
Validity Mon, 08 May 2023 08:24:50 GMT - Mon, 31 Jul 2023 08:24:49 GMT
File type gzip compressed data, max compression\012- data
Size 290 kB (289876 bytes)
Hash 40977e5cad27cdfa6be597279671338a
ce153a2e0e3a232fb6fc53097d55ba9a75a60b00
cf1a2d45290ddd90bc87db3e325f89175bb32a5a2a0752afc48dc1fe9d108c8e
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Jun 2023 01:25:09 GMT
date: Thu, 01 Jun 2023 01:25:09 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
founeedapaidomainamenomainamengedinetworked.work.gd/meta/styles__ltr.css
174.136.228.135 200 OK 24 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/styles__ltr.css
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (52368), with no line terminators
Hash 97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/styles__ltr.css HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: text/css
Last-Modified: Sun, 28 May 2023 22:06:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d062-cc90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/metamask.io/images/webclip.png
174.136.228.135 557 B URL founeedapaidomainamenomainamengedinetworked.work.gd/metamask.io/images/webclip.png
IP 174.136.228.135:0
ASN #396362 LEASEWEB-USA-NYC
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /metamask.io/images/webclip.png HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/metamask.io/images/favicon.png
174.136.228.135 404 Not Found 557 B URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/metamask.io/images/favicon.png
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash fc10f358967a59750ef6fd9a698e2d60
3fc472d167c41a4193625aff84ee6e599b302002
16ce845440c38f491f80553aee7a8144dcc0a82c46258deaffdd10a0fa3d2db2
Analyzer Verdict Alert urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /metamask.io/images/favicon.png HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 557
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
142.250.74.35 404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP 142.250.74.35:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0
GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 01:25:22 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/meta/recaptcha__nl.js.download
174.136.228.135 200 OK 138 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/recaptcha__nl.js.download
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type ASCII text, with very long lines (820)
Size 138 kB (137504 bytes)
Hash e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 28 May 2023 22:06:22 GMT
ETag: "56577-5fcc82e2e7745-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.35 600 B URL www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.35:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 May 2023 20:49:22 GMT
expires: Wed, 07 Jun 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 16560
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.35 200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.35:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 00:56:35 GMT
expires: Thu, 08 Jun 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 1727
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.35 530 B URL www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.35:0
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 May 2023 16:14:42 GMT
expires: Tue, 06 Jun 2023 16:14:42 GMT
cache-control: public, max-age=604800
age: 119440
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
142.250.74.35 404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP 142.250.74.35:443
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Google Trust Services LLC
Subject *.gstatic.com
Fingerprint A3:09:CB:6C:64:76:4B:58:32:D1:21:3E:F4:65:1F:DE:58:22:8F:D6
Validity Mon, 08 May 2023 08:24:48 GMT - Mon, 31 Jul 2023 08:24:47 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0
GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://founeedapaidomainamenomainamengedinetworked.work.gd
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Thu, 01 Jun 2023 01:25:22 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
174.136.228.135 200 OK 4.1 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/bframe.html
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash ab544024d3cf8ee17b4995a04711bc92
da849c1c8b08864d499153a059e5d429b8df19ce
b9d7893f4e6f83b6dca5ec8e27e47e382f4ace81907591ab102345bef9d3bb5f
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/bframe.html HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:23 GMT
Content-Type: text/html
Last-Modified: Sun, 28 May 2023 22:06:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6473d04a-2e07"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
founeedapaidomainamenomainamengedinetworked.work.gd/meta/Institutional-Illustration.png
174.136.228.135 200 OK 290 kB URL GET HTTP/1.1 founeedapaidomainamenomainamengedinetworked.work.gd/meta/Institutional-Illustration.png
IP 174.136.228.135:443
ASN #396362 LEASEWEB-USA-NYC
Requested by https://founeedapaidomainamenomainamengedinetworked.work.gd/recover
Certificate Issuer Let's Encrypt
Subject founeedapaidomainamenomainamengedinetworked.work.gd
Fingerprint 89:DE:31:20:22:2D:FF:40:83:9C:1F:5D:B5:DA:F0:77:D9:E2:28:2C
Validity Sun, 28 May 2023 21:04:27 GMT - Sat, 26 Aug 2023 21:04:26 GMT
File type PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size 290 kB (289564 bytes)
Hash 85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery suspicious Suspicious - DynDNS domain
openphish Crypto/Wallet
GET /meta/Institutional-Illustration.png HTTP/1.1
Host: founeedapaidomainamenomainamengedinetworked.work.gd
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://founeedapaidomainamenomainamengedinetworked.work.gd/meta/metamask-staging-2.webflow.css
Cookie: cazanova=kmrslmqf2g1475a0p3pdcs5df13on5io
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Jun 2023 01:25:21 GMT
Content-Type: image/png
Content-Length: 289564
Last-Modified: Sun, 28 May 2023 22:06:11 GMT
Connection: keep-alive
ETag: "6473d053-46b1c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes