| r3.o.lencr.org/ |  95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashcfec3d7283a9b66d2be426ce54d210f3 808c1feb1ba918951d1928c1f6bfc0c253262774 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10469
Expires: Tue, 06 Dec 2022 00:58:55 GMT
Date: Mon, 05 Dec 2022 22:04:26 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashee088fab9b287e174cfd1f2c735a909f 25c3335b514a36ad1a24d00413d60c3d394f5161 494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 793
Cache-Control: max-age=132006
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:26 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 10:44:32 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash1ea206ac3c440825741687351f8c6e4e 2f38dafd8c43dcce2411a0590bc5c02cd6286735 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8363
Expires: Tue, 06 Dec 2022 00:23:49 GMT
Date: Mon, 05 Dec 2022 22:04:26 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 21:20:20 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2646
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash53341dea33f4f3d9b4966f80589f429a 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Gf6HaM715qA9UHR3SDiYCRqe210EKRdv6MqB3oWqN+N8/B3TKgB7PRXJQayQnmlJq257iis18R0=
x-amz-request-id: MMA9B2N0EZ8XXGVE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 21:46:50 GMT
age: 1056
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/ |  104.208.97.16 | 301 Moved Permanently | 162 B |
IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET / HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 05 Dec 2022 22:04:26 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://metamaskwallet.life/
Strict-Transport-Security: max-age=31536000
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 21:11:19 GMT
cache-control: public,max-age=3600
age: 3188
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash2b9d6a686aa3c4ea24568425e43a5221 d53bb4c9579bd1db78a0520619e888aec79f750f c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 734
Cache-Control: max-age=126879
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:27 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 09:19:06 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hashbd962d94f536d03fe8b69ca5c34f9f75 cade00c1eabea19d5219719865ac6d97b82cda39 dcbc8b8b1f768a0796d61850498f1ea460e26ae3d6741bd8a3a41b722d38d7f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DCBC8B8B1F768A0796D61850498F1EA460E26AE3D6741BD8A3A41B722D38D7F1"
Last-Modified: Sun, 04 Dec 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 04:04:27 GMT
Date: Mon, 05 Dec 2022 22:04:27 GMT
Connection: keep-alive
|
|
| push.services.mozilla.com/ | 52.41.252.32 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP52.41.252.32:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bsbkjkvMddes/kp+pxIknw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: wXvd3A1iXHFIBlsiN/kFDhIEzbo=
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash8ead0ac4ce19cef2471bae0458759d89 af02fd3fcd2e10cfa2458407c0c2e59a43e18517 507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.youtube.com/s/player/dab28f34/www-player.css | 142.250.74.110 | 200 OK | 50 kB |
URL HTTP/2www.youtube.com/s/player/dab28f34/www-player.css IP142.250.74.110:0
File typeASCII text, with very long lines (65536), with no line terminators Hash9abf9c15a58d40e7ecc2302b4bfb153e 5195babba42ed31eb39751e8c917277ace5e19a4 1eca62432d16bb94000cf099705eee38903254825032b27ddf3d5decbe3d3114
GET /s/player/dab28f34/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49849
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/css
age: 367394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js | 142.250.74.110 | 200 OK | 99 kB |
URL HTTP/2www.youtube.com/s/player/dab28f34/www-embed-player.vflset/www-embed-player.js IP142.250.74.110:0
File typeASCII text, with very long lines (679) Hasha9a95fc3a85fc2904a0cffd12ff9b01c b3db5cd9996da5ffa51fe22a57898a79abfe32df 2ef638f9e81beb63874104df180f7d1de54c01d6e22857f39e16c1581a3f3f7e
GET /s/player/dab28f34/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 99243
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:01:14 GMT
expires: Fri, 01 Dec 2023 16:01:14 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 367394
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg | 54.230.111.77 | 200 OK | 6.2 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg IP54.230.111.77:0
Hashc1732a1196f687abb57c249a9b12f6a8 7be4395b3182e8aed32774b42b1b72c90caf48d1 301520ae733b62fa60d497e71140d205c81c02e112f135bbd88a275548a088bb
GET /9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:34:16 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 05 Dec 2022 22:04:28 GMT
cache-control: max-age=31536000
etag: W/"51bcea2625eb2c6e9268a7377a792c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZAgwM4YXH_gDbLo0Mm1xfvI4sByRGE_6JPlu679ZlemR0CctJjrefA==
age: 7779
X-Firefox-Spdy: h2
|
|
| www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js | 142.250.74.110 | 200 OK | 594 kB |
URL HTTP/2www.youtube.com/s/player/dab28f34/player_ias.vflset/en_US/base.js IP142.250.74.110:0
File typeASCII text, with very long lines (554) Size594 kB (593839 bytes) Hashe540cb39c83560fdc65c81d42d4ce798 1f1b1272c2f2f2006091be5fab8afec22589644c 58e751edbbb737746b3807f70dd3951c104017d10bb278a8be58ad814451c388
GET /s/player/dab28f34/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 593839
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:09:00 GMT
expires: Fri, 01 Dec 2023 16:09:00 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 01 Dec 2022 01:20:18 GMT
content-type: text/javascript
age: 366928
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash8ead0ac4ce19cef2471bae0458759d89 af02fd3fcd2e10cfa2458407c0c2e59a43e18517 507b93c64bab73e393cf8d8131415ef4d4b01e65e0f2ab73597715197845e75e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| metamaskwallet.life/css/fonts/EuclidCircularB-Regular-WebXL.woff2 | 104.208.97.16 | 200 OK | 45 kB |
URL HTTP/2metamaskwallet.life/css/fonts/EuclidCircularB-Regular-WebXL.woff2 IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeWeb Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data Hash2d75957df3bb3aa6ed84f6591b0d5a1a 906424e75625f63b0188471067065794d0348536 8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /css/fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: font/woff2
content-length: 45196
last-modified: Sat, 08 Oct 2022 06:49:48 GMT
etag: "63411d8c-b08c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/css/fonts/EuclidCircularB-Bold-WebXL.woff2 | 104.208.97.16 | 200 OK | 44 kB |
URL HTTP/2metamaskwallet.life/css/fonts/EuclidCircularB-Bold-WebXL.woff2 IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeWeb Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data Hash9024d0bf73943172297c4628d0054e20 36c3795e7b297d06589e15ef59592683d9ed0974 88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /css/fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: font/woff2
content-length: 44544
last-modified: Sat, 08 Oct 2022 06:49:47 GMT
etag: "63411d8b-ae00"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/css/acsbStyles.css | 104.208.97.16 | 200 OK | 3.6 kB |
URL HTTP/2metamaskwallet.life/css/acsbStyles.css IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash8d1451ec1e9fd232bafe756e038df3b8 b6c07f6a62af88db1215d4591a9be2822ae74026 661070a5757ef1a659c689fa2c29946ea798d65380dc2739f26865c8524ada69
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | |
GET /css/acsbStyles.css HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: text/css
last-modified: Sat, 08 Oct 2022 06:49:28 GMT
vary: Accept-Encoding
etag: W/"63411d78-3d86"
expires: Tue, 06 Dec 2022 10:04:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash5670c32d73c3d5771a2d9396774a7eb9 3fb62916ff54f22a011e11730ba87fea48e5d239 062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| metamaskwallet.life/css/animate.min.css | 104.208.97.16 | 200 OK | 6.6 kB |
URL HTTP/2metamaskwallet.life/css/animate.min.css IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash14c543bb29693798895466fc4ab0f3f3 b9db8ece0d496ceea589f8817952450c1e16001f 858d3a6dc3885b494897e9a0ac441979b0997a35911cd7d08abc478b77d0124e
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | |
GET /css/animate.min.css HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: text/css
last-modified: Sat, 08 Oct 2022 06:49:29 GMT
vary: Accept-Encoding
etag: W/"63411d79-11846"
expires: Tue, 06 Dec 2022 10:04:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/css/index.css | 104.208.97.16 | 200 OK | 4.9 kB |
URL HTTP/2metamaskwallet.life/css/index.css IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeASCII text, with very long lines (761) Hash04182cd1d420765e499c54135fae5eed ed2929285d5dc1cc288eff7ed57657e3e2cfce33 80794d9ac931ff509f7e22d5cdf3875dc221cc1cf7832dfd0a4160c557b631ea
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | |
GET /css/index.css HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: text/css
last-modified: Sat, 08 Oct 2022 06:49:30 GMT
vary: Accept-Encoding
etag: W/"63411d7a-617f"
expires: Tue, 06 Dec 2022 10:04:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/js/jquery.min.js | 104.208.97.16 | 200 OK | 38 kB |
URL HTTP/2metamaskwallet.life/js/jquery.min.js IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hashc6a4b7afe02a2ba21a6e092e5072e1d1 e6d3a792b2b3dac892c9c2bc48998fdf0d1f3444 a01ecc36932b2619f77bab3eef88798a535cd2cf4869cd7f98f19a6e289cbadb
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /js/jquery.min.js HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 06:49:42 GMT
vary: Accept-Encoding
etag: W/"63411d86-17b8b"
expires: Tue, 06 Dec 2022 10:04:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/js/vue.min.js | 104.208.97.16 | 200 OK | 75 kB |
URL HTTP/2metamaskwallet.life/js/vue.min.js IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash44620bcc078da0a8293739412d4cbdb4 fc12222966eee7ebe24866b1fa94b1f5b0345639 12b9f8c54c1ef3b2b5682a90caf66b68482ae4d3005ca26ad454496e4547f759
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /js/vue.min.js HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 06:49:45 GMT
vary: Accept-Encoding
etag: W/"63411d89-16deb"
expires: Tue, 06 Dec 2022 10:04:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| googleads.g.doubleclick.net/pagead/id?slf_rd=1 | 142.250.74.34 | 200 OK | 120 B |
URL HTTP/2googleads.g.doubleclick.net/pagead/id?slf_rd=1 IP142.250.74.34:0
Hash0bc936daa5fc00ae726e72057cf2a0eb 59c926715879335e11b83f273f7221655defe8d2 1d748665f2b1c88a39bbfed5ce741828a0c2e29fa372c1521c75b43f4f4b2101
GET /pagead/id?slf_rd=1 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Referer: https://www.youtube.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
content-type: application/json; charset=UTF-8
date: Mon, 05 Dec 2022 22:04:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 120
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash5670c32d73c3d5771a2d9396774a7eb9 3fb62916ff54f22a011e11730ba87fea48e5d239 062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Tue, 06 Dec 2022 02:15:01 GMT
Date: Mon, 05 Dec 2022 22:04:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Tue, 06 Dec 2022 02:15:01 GMT
Date: Mon, 05 Dec 2022 22:04:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Tue, 06 Dec 2022 02:15:01 GMT
Date: Mon, 05 Dec 2022 22:04:29 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15032
Expires: Tue, 06 Dec 2022 02:15:01 GMT
Date: Mon, 05 Dec 2022 22:04:29 GMT
Connection: keep-alive
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash2e388f1ab4ec88104f57cf23944ee684 39178c45ed645709cc388d5790b1b58a3272a62f e33b88f6f77d90b65a8fed943a45623e51f1efbdae401a1652f24be68408dba0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9fda84db003d0cfc70d73dcb6a3763dd 5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4 f00aa6b88dd85164d8f6ee685937a3ca8039b98b442a2e6aede1c4c421b4fc4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F01b6b798-4c76-47d4-ae22-c8967b0f2c5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8997
x-amzn-requestid: 54d7ed8c-119c-4583-929c-fd053524814c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csT_8F78IAMFY6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e66cc-3d9816725e7e0b1b3404bc4a;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:46:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ScASzeq_stezoHeSOmqluKJimg3R6YD6yd6guTD2d5Mjl8F_vQP0rg==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 1043
etag: "5c54b4ca3db1c975b3ad7f780f0ebdc867fc2ef4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create | 142.250.74.10 | 200 OK | 31 kB |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create IP142.250.74.10:0
File typeJSON data\012- , ASCII text, with very long lines (65536), with no line terminators Hash43c6e34f828a50673decb71a16f87c91 709fc7253aff5aa1370edeb062bdfac39d33d0e7 234a8851ffbbaf211b2b1c9e0ded6635c9b5f99702ffbbd95478f4785307f5f6
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 22:04:29 GMT
server: ESF
cache-control: private
content-length: 31024
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg | 34.120.237.76 | 200 OK | 8.5 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2f60a6490f38a772dcd50a1132e98e1b ff254a1df087d2c157d88a6ef04e395dc49efe5e 653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 742
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash17c7b7e3a4e6f3ad9ccf7f42c400749c 76432db96e8280e24da56670fba8f8f80a95ab31 f67d401ebc225c2a9dac5b4f98dc969e22f927455c2537df353ac86f046cc4c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f48f157-f5b1-44b8-91c0-da7927555031.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4905
x-amzn-requestid: c1a43d09-3653-422d-99a2-fe6469bc4bcc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSzsG7BoAMF42Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64e4-27f51f1e5f786838157d1ee5;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VkYlpfFF-t9c_vWc14oqmL9Z6o6lA1_TqgXk4VUtZmHTkZwuMT5C6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
age: 1043
etag: "76432db96e8280e24da56670fba8f8f80a95ab31"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg | 34.120.237.76 | 200 OK | 4.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash9838b65dde746487c806ee9739f8b222 1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8 cf3ddc240b33d0f588d5acb30593b6846874a192bff9f5b69455877d7f63be53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffbcb6f9-483c-4254-9451-927fa2fc2294.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3968
x-amzn-requestid: 55111bc4-d002-44a0-855a-533251b144fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSveGo_IAMFQvA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c9-28e0a83d7f9f1ffc7544bb3d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: _Hf2XblY73dHIIWTqWgeDzJJalBo6ooCAit1eQ8G8n4385ORBBDakA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1c95a1e47e903cc6775df2c5ed3f2f58cca42dc8"
content-type: image/jpeg
age: 1043
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg | 34.120.237.76 | 200 OK | 5.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash18bbcbf84b00d3bc602830478ff1bd7f 1f25392db4cf3693259202b24e898f21093b8bf9 cb2b44e1f74a9bb43fab48536f6146e273c728b34e4889ff3f18a411d14d2282
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbcfc1e29-0017-4346-aacf-66d3875076ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5790
x-amzn-requestid: 2e409a5f-ce04-4b9b-b3a2-74e5bbd256d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvoEoUoAMFsxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64ca-72e1bb13187b18aa26c8566f;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jr6GWYa2SFKmDWscGBd9-g7b0RKr6j4GrgNisS0-DYiojh7Kv1oMJQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:47:06 GMT
etag: "1f25392db4cf3693259202b24e898f21093b8bf9"
content-type: image/jpeg
age: 1043
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg | 34.120.237.76 | 200 OK | 8.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash608271b2522dc7e726dd2ad4af7ffe02 8182a51b3060e7b6ffaf840c1c2ef50ab06abd10 dde60941a5eec5a314d4c7c7303188769ae810d9f84ba9ae9f088d0d107f59a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5220d724-28cf-4a09-a474-466d05000e9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8424
x-amzn-requestid: 52481098-a257-4529-b85a-094d2bf39871
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSuYEdKIAMFc9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c2-2b1f26e951823d4f1cd2507d;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:10 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cq7s5taxMAwOO4vq776dk4842DfboBgSx5FnNfK2Ilcn8evZYaTfGQ==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:41:56 GMT
etag: "8182a51b3060e7b6ffaf840c1c2ef50ab06abd10"
content-type: image/jpeg
age: 1353
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js | 216.58.211.4 | 200 OK | 14 kB |
URL HTTP/2www.google.com/js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js IP216.58.211.4:0
File typeASCII text, with very long lines (36143) Hasha08dfd96c563f96f7d11b4858aecfa13 d9abee2c38b89d3dea85e76bb741bb8f4f993d49 fedde263fa3b4116029d93d0250f5eab845964d5fcf24e40ffbcd9bf292a0db4
GET /js/th/G-wi0KRrIjmTWIDOn44AFVMvZ_aKLO1c96DfwAE3d4M.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-length: 14211
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 19:18:12 GMT
expires: Sun, 03 Dec 2023 19:18:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 03 Nov 2022 10:00:00 GMT
content-type: text/javascript
age: 182777
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash7dfb548d8f8a99d32050803775fad5d6 8b47999a01db7c2217d76a1cec576809a229cf1b 68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| metamaskwallet.life/common/util.js | 104.208.97.16 | 200 OK | 240 B |
URL HTTP/2metamaskwallet.life/common/util.js IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash8bcc17bb519b44077ba6c08bda49e8ee 74ca1ef5e8f2352cb1c23beb92650b0014505814 9b34a71c314e84d22779c341c834eff4b5578a5882070a532e6decb1a02f4e6d
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /common/util.js HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: application/javascript
content-length: 240
last-modified: Sat, 08 Oct 2022 07:06:04 GMT
etag: "6341215c-f0"
expires: Tue, 06 Dec 2022 10:04:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.10 | 200 OK | 0 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.10:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT | 142.250.74.10 | 200 OK | 114 B |
URL HTTP/2jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT IP142.250.74.10:0
File typeJSON data\012- , ASCII text, with no line terminators Hash15f21ea83287c36b4041527eae8107d7 c6cc069b36e5322b912ff5efd1d14937406acdce 93f6051aca50e659e2cc7862ad699a7864977bc5bf7ef8980439a744c19bf663
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 903
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 05 Dec 2022 22:04:29 GMT
server: ESF
cache-control: private
content-length: 114
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/541bddd48cea207925635d697b9bbcc0/hero2.2.png?w=1200&q=100&fm=webp | 54.230.111.77 | 200 OK | 182 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/541bddd48cea207925635d697b9bbcc0/hero2.2.png?w=1200&q=100&fm=webp IP54.230.111.77:0
File typeRIFF (little-endian) data, Web/P image\012- data Size182 kB (182268 bytes) Hash73c0dc9bd7eeb1fc2f94f654dd44e321 233a2860cdf1868f990f382157b9ab2a79a3e175 a7e270a3e16b1570a337f6975a8cadca1659fe1ab7f9bcf67aa2a148da03a9e9
GET /9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/541bddd48cea207925635d697b9bbcc0/hero2.2.png?w=1200&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 182268
last-modified: Fri, 18 Nov 2022 04:49:30 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 05 Dec 2022 21:01:08 GMT
cache-control: max-age=31536000
etag: "73c0dc9bd7eeb1fc2f94f654dd44e321"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -SA_BOf3-M762Sbf2p-RMsCIgzo-MKlGmnfI2IqK38LNl5NTMAUstA==
age: 3801
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash0c244629557856f731df6a3141c94929 965c50534cf2ad34cf0c9b85fc3dbaf90375489c 5155092a96a313754ed2332d9e9deb225fd276fe3b9952ddb94cc4ab9a017735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.ytimg.com/vi/YVgfHZMFFFQ/default.jpg | 216.58.207.214 | 200 OK | 2.5 kB |
URL HTTP/2i.ytimg.com/vi/YVgfHZMFFFQ/default.jpg IP216.58.207.214:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 120x90, components 3\012- data Hash45fee137d2228a1f262812895de57314 7bc9d830a8bac5d4cfdc56ff1224225a9bf1f982 dd603175ee9073585d706f1d8c6f328e6b06bc9e28faae47a5b92f09cd837c75
GET /vi/YVgfHZMFFFQ/default.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 2528
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 05 Dec 2022 21:06:27 GMT
expires: Mon, 05 Dec 2022 23:06:27 GMT
cache-control: public, max-age=7200
etag: "1582837014"
content-type: image/jpeg
age: 3482
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 471 B |
IP216.58.211.3:0
Hash0c244629557856f731df6a3141c94929 965c50534cf2ad34cf0c9b85fc3dbaf90375489c 5155092a96a313754ed2332d9e9deb225fd276fe3b9952ddb94cc4ab9a017735
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash67e4709c84acec8eddbeb11d56e7d0fd 32a14eeba023499cda0d49fd785ac7626f4a5582 8953090ad9df36f81c3393cc6c67c87b6ad521b8806c7ea004e0b4354b9e1c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| yt3.ggpht.com/ytc/AMLnZu_bZz66jLBsycj-vvHpGDFsqqC2EwCByH4KWi0J=s68-c-k-c0x00ffffff-no-rj | 142.250.74.65 | 200 OK | 2.7 kB |
URL HTTP/2yt3.ggpht.com/ytc/AMLnZu_bZz66jLBsycj-vvHpGDFsqqC2EwCByH4KWi0J=s68-c-k-c0x00ffffff-no-rj IP142.250.74.65:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=Google], baseline, precision 8, 68x68, components 3\012- data Hash6b9680c9e0e4b8f66f2eb05e767c68eb 1bac27e970d3f77973c4e877f56acc1b844885bd 73360daef1e2781c6fe96e9150f10f2e4bbfe239940e15aa93cad4a901e10ce7
GET /ytc/AMLnZu_bZz66jLBsycj-vvHpGDFsqqC2EwCByH4KWi0J=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
content-disposition: inline;filename="unnamed.jpg"
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
server: fife
content-length: 2716
x-xss-protection: 0
date: Mon, 05 Dec 2022 18:25:08 GMT
expires: Sun, 06 Nov 2022 02:47:30 GMT
cache-control: public, max-age=86400, no-transform
age: 13161
etag: "v1c"
content-type: image/jpeg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/66xW3q4QV8YAl69ZT9tFGR/b601d5e628197b42ad92d2ac5f1929a4/dapp-aave.png | 54.230.111.77 | 200 OK | 14 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/66xW3q4QV8YAl69ZT9tFGR/b601d5e628197b42ad92d2ac5f1929a4/dapp-aave.png IP54.230.111.77:0
File typePNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data Hash521a00d54b7fe1cb1d7712b655ca54a6 8c5aa52335bf25183781e62843ede770bf6877ba 506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55
GET /9sy2a0egs6zh/66xW3q4QV8YAl69ZT9tFGR/b601d5e628197b42ad92d2ac5f1929a4/dapp-aave.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 14347
date: Mon, 05 Dec 2022 01:42:03 GMT
last-modified: Thu, 14 Oct 2021 12:27:49 GMT
etag: "521a00d54b7fe1cb1d7712b655ca54a6"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ha4PiFguYPaG1-C4VsXfu5cFGXtwEW58Rj94snpLuHk9yTOAzg7qnw==
age: 73347
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/sRi3IfUyBXgEbKqIEGYOf/01c1bce3dc97d8a3ae9fbb9f30845786/dapp-axieinfinity.png | 54.230.111.77 | 200 OK | 43 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/sRi3IfUyBXgEbKqIEGYOf/01c1bce3dc97d8a3ae9fbb9f30845786/dapp-axieinfinity.png IP54.230.111.77:0
File typePNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data Hash5f662391fe3ddc927134ba8e15263eaf ab5ea7aacdc8c97238247f59761abc02033b2a67 7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421
GET /9sy2a0egs6zh/sRi3IfUyBXgEbKqIEGYOf/01c1bce3dc97d8a3ae9fbb9f30845786/dapp-axieinfinity.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 42713
date: Mon, 05 Dec 2022 21:01:09 GMT
last-modified: Thu, 14 Oct 2021 12:27:49 GMT
etag: "5f662391fe3ddc927134ba8e15263eaf"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bR0eSTs9Rvz8ksUqWvjebFb3UegXB1a3Oq7fHMUUPJomQhpy1puTKg==
age: 3801
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/3je4UxBCkGOdxGshD4Q1yt/0c5d774242afc22255dc2df374915148/dapp-gitcoin.png | 54.230.111.77 | 200 OK | 8.0 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/3je4UxBCkGOdxGshD4Q1yt/0c5d774242afc22255dc2df374915148/dapp-gitcoin.png IP54.230.111.77:0
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hashc710e9a5c39e89136a73edf0a1c99abe aca40362b7d87533d00250e102ba852d19e2231c 7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
GET /9sy2a0egs6zh/3je4UxBCkGOdxGshD4Q1yt/0c5d774242afc22255dc2df374915148/dapp-gitcoin.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7998
last-modified: Thu, 14 Oct 2021 12:27:51 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 05 Dec 2022 21:01:09 GMT
cache-control: max-age=31536000
etag: "c710e9a5c39e89136a73edf0a1c99abe"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GKZs4IUIENIz-Af_b3auwR5x6XaFAYG_SA03q77_H_UxOvZ9hbsDtA==
age: 3801
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/12oxd35siV9K1gd4XqMVqX/1c0d61f9ae158806f1625a4224fc703c/dapp-maker.png | 54.230.111.77 | 200 OK | 6.9 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/12oxd35siV9K1gd4XqMVqX/1c0d61f9ae158806f1625a4224fc703c/dapp-maker.png IP54.230.111.77:0
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash720871ca002e89a10d26e5c516066311 8648fe12645cd5c3473a73faba1d42cef78de444 f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96
GET /9sy2a0egs6zh/12oxd35siV9K1gd4XqMVqX/1c0d61f9ae158806f1625a4224fc703c/dapp-maker.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6852
date: Mon, 05 Dec 2022 01:42:03 GMT
last-modified: Thu, 14 Oct 2021 12:27:51 GMT
etag: "720871ca002e89a10d26e5c516066311"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7bO2qPA-h5NGKoTUqZazGR3j7EaFnvHxFUNPHpwDJMUBfCQSxcvncw==
age: 73347
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/4qGhgWlzcQfkICzCGJ0xVV/c6809a36e571f006f9e5c2999bfcea59/dapp-opensea.png | 54.230.111.77 | 200 OK | 6.5 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/4qGhgWlzcQfkICzCGJ0xVV/c6809a36e571f006f9e5c2999bfcea59/dapp-opensea.png IP54.230.111.77:0
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hashf82776f839cec899c9c87a680226aabf 43f5dedb6216cb02ee568fcb66cb19fc296c3a85 c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
GET /9sy2a0egs6zh/4qGhgWlzcQfkICzCGJ0xVV/c6809a36e571f006f9e5c2999bfcea59/dapp-opensea.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6533
date: Mon, 05 Dec 2022 01:42:03 GMT
last-modified: Thu, 14 Oct 2021 12:27:51 GMT
etag: "f82776f839cec899c9c87a680226aabf"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8ZsgC00VuYLHSrDOqk2WuUdbQkrRi_1jqFi5Md-lNRerWoD4HbyuZA==
age: 73347
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/4JYnVbP6bKsQgAUN1FOAxQ/9689c7760674f824f36ac46a4b646ef1/dapp-rarible.png | 54.230.111.77 | 200 OK | 6.8 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/4JYnVbP6bKsQgAUN1FOAxQ/9689c7760674f824f36ac46a4b646ef1/dapp-rarible.png IP54.230.111.77:0
File typePNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data Hashb9f7c0fd11c34c044799e673947103f8 491baab057af39b2b24bf0c671d0eb05454b8c48 29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c
GET /9sy2a0egs6zh/4JYnVbP6bKsQgAUN1FOAxQ/9689c7760674f824f36ac46a4b646ef1/dapp-rarible.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 6840
date: Mon, 05 Dec 2022 01:50:08 GMT
last-modified: Thu, 14 Oct 2021 12:27:51 GMT
etag: "b9f7c0fd11c34c044799e673947103f8"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g_BGAywI6np22RU2a57Glc3ZlBMn8urw4APVSh10sSNDpAxvCGXfzg==
age: 72862
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/2g8PJzqRsd9qxe9oaC83ia/477b426c3ac16b257469daf0819b4d9b/dapp-uniswap.png | 54.230.111.77 | 200 OK | 10 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/2g8PJzqRsd9qxe9oaC83ia/477b426c3ac16b257469daf0819b4d9b/dapp-uniswap.png IP54.230.111.77:0
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash1948962ad395727d902bd6b5fcd01807 f7e85e096b084ef6d9f550afbcd702fd889031a5 ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
GET /9sy2a0egs6zh/2g8PJzqRsd9qxe9oaC83ia/477b426c3ac16b257469daf0819b4d9b/dapp-uniswap.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10268
date: Mon, 05 Dec 2022 01:33:56 GMT
last-modified: Thu, 14 Oct 2021 12:27:51 GMT
etag: "1948962ad395727d902bd6b5fcd01807"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XPPPyUWPUiOJz1tQKqQMZOMfR2ffV5zGIQ6MlzSFRx-VhlYEut8rAA==
age: 73834
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash67e4709c84acec8eddbeb11d56e7d0fd 32a14eeba023499cda0d49fd785ac7626f4a5582 8953090ad9df36f81c3393cc6c67c87b6ad521b8806c7ea004e0b4354b9e1c92
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 727 B |
IP93.184.220.29:0
Hash989dd1bb767da0443cea77ddf8eeb004 aba0004c56883e45a4ee6e79f4bc65f91bf9facc ad927fdc846bff154a7397fbd584b6b6b1dbf47a4cd89bc6da8a603d51323093
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2396
Cache-Control: max-age=155173
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Etag: "638e1cb6-2d7"
Expires: Wed, 07 Dec 2022 17:10:42 GMT
Last-Modified: Mon, 05 Dec 2022 16:30:46 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 727
|
|
| acsbapp.com/apps/app/dist/fonts/acsbi.ttf?qj8z5u | 83.229.67.229 | 200 OK | 13 kB |
URL HTTP/2acsbapp.com/apps/app/dist/fonts/acsbi.ttf?qj8z5u IP83.229.67.229:0
File typeTrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, acsbi \012- data Hashfa2431792abec931702d29caaeb62c75 83bc0b1466f1858652924cd2f594d104df4bd202 5163feddb897a7675944b716ea958d6362812be52f10a646bcb3395c11d0d6c5
GET /apps/app/dist/fonts/acsbi.ttf?qj8z5u HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamaskwallet.life
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 05 Dec 2023 22:04:29 GMT
content-type: application/x-font-ttf
last-modified: Sun, 12 Jun 2022 20:09:40 GMT
etag: "31f4-62a64804-8c2c7b7831cf142c;;;"
accept-ranges: bytes
content-length: 12788
date: Mon, 05 Dec 2022 22:04:29 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/en.svg | 104.208.97.16 | 200 OK | 14 kB |
URL HTTP/2metamaskwallet.life/img/en.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hash80043d0f0ab8dc8a032b7033c87d6252 f999c7863ed8d342f4d4d4ce43dea8dc5b4fa9ef b03146399f5f2f7308dcf5c7e7be66bebf1a8bb5fb92d0da5e43c73ad98fb884
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/en.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 13916
last-modified: Sat, 08 Oct 2022 06:49:32 GMT
etag: "63411d7c-365c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/es.svg | 104.208.97.16 | 200 OK | 176 kB |
URL HTTP/2metamaskwallet.life/img/es.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Size176 kB (176315 bytes) Hash6b70dfedc3c5ef02b84b4d9b58a0d8b5 40a8cb861a19590d19a85f334307f56f91afae2f 92c0944ca2ad83f55dcc89c8c4c69dd6b12f4698c735c7a83cc74a168d7599cb
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/es.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 176315
last-modified: Sat, 08 Oct 2022 06:49:33 GMT
etag: "63411d7d-2b0bb"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/de.svg | 104.208.97.16 | 200 OK | 421 B |
URL HTTP/2metamaskwallet.life/img/de.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hash5a8b0c5ed8e27dd0072696b1d1ae564c cc50b6d87aea775b553042c9ff7983860c964de5 3609bec2429f59ab56de7f6b6fa1bbe8efbb28246630b97e7704fb4ac557c909
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/de.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 421
last-modified: Sat, 08 Oct 2022 06:49:32 GMT
etag: "63411d7c-1a5"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash79c225db327a78b782f5a9512b07eaf0 398a1be3a70264d959146d6670d2ca54cdf4e91a 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 216.58.211.3 | 200 OK | 472 B |
IP216.58.211.3:0
Hash79c225db327a78b782f5a9512b07eaf0 398a1be3a70264d959146d6670d2ca54cdf4e91a 8539ea44d81775448ae8c6179d54d8a397c559b112291fa78abcf6ac6c480815
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 22:04:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 | 216.58.207.227 | 200 OK | 15 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data Hash5d4aeb4e5f5ef754e307d7ffaef688bd 06db651cdf354c64a7383ea9c77024ef4fb4cef8 3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 21:48:03 GMT
expires: Fri, 01 Dec 2023 21:48:03 GMT
cache-control: public, max-age=31536000
age: 346586
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 | 216.58.207.227 | 200 OK | 16 kB |
URL HTTP/2fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 IP216.58.207.227:0
File typeWeb Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data Hash285467176f7fe6bb6a9c6873b3dad2cc ea04e4ff5142ddd69307c183def721a160e0a64e 5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Dec 2022 16:40:43 GMT
expires: Fri, 01 Dec 2023 16:40:43 GMT
cache-control: public, max-age=31536000
age: 365026
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/css/style.css | 104.208.97.16 | 200 OK | 5.7 kB |
URL HTTP/2metamaskwallet.life/css/style.css IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash0e56d8a03f485961c96f38fb7492536e f42d36fcff2e6384e77eade7e918ca6fe3b24fb0 a7dffb71a135a5d238e91b1cd4db9a7fdb21afaf1cef80354ebf5c4618b4d131
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | |
GET /css/style.css HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:28 GMT
content-type: text/css
last-modified: Sat, 08 Oct 2022 06:49:30 GMT
vary: Accept-Encoding
etag: W/"63411d7a-37dc"
expires: Tue, 06 Dec 2022 10:04:28 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/pt.svg | 104.208.97.16 | 200 OK | 71 kB |
URL HTTP/2metamaskwallet.life/img/pt.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators Hashf06d50952ebba784231062f29374a21e 719736687ee3fb165ac17b13fae712f6166a0a80 7b6eb871f7d40ad24f619dfaaffad06f7c1e2b1e13bb618922e11c428cb51f8a
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/pt.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 70725
last-modified: Sat, 08 Oct 2022 06:49:36 GMT
etag: "63411d80-11445"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/fr.svg | 104.208.97.16 | 200 OK | 426 B |
URL HTTP/2metamaskwallet.life/img/fr.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hash47a224cd21e592862455d7f1aaab7736 1015854f8a3e09b41bcff00bd12a7a59ce58d003 af5c0507c9c4d31a83b6002a36406f4b566a0ebca9d5e85a68ed1abd04f0cea3
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/fr.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 426
last-modified: Sat, 08 Oct 2022 06:49:33 GMT
etag: "63411d7d-1aa"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/it.svg | 104.208.97.16 | 200 OK | 445 B |
URL HTTP/2metamaskwallet.life/img/it.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hashf59fcf5350cd7b473274a8cb2e0d0596 9b4c583d7981a8015903c0592b07a65fe7b21c3e f3622a01106d47a12e8a1b97557456a3f923d4f4d03f9ff19f43cf9727f4f7e4
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/it.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 445
last-modified: Sat, 08 Oct 2022 06:49:34 GMT
etag: "63411d7e-1bd"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/he.svg | 104.208.97.16 | 200 OK | 721 B |
URL HTTP/2metamaskwallet.life/img/he.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hash938bef75aaa120329b6ed031cf796545 370eb36aaa04633851b23a342768393b01b4c713 e9922659a34607a0cb2fbb3dcd2a526a244aa5491d6836c8674dd2f505e0d5d7
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/he.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 721
last-modified: Sat, 08 Oct 2022 06:49:33 GMT
etag: "63411d7d-2d1"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/data/index.js | 104.208.97.16 | 200 OK | 24 kB |
URL HTTP/2metamaskwallet.life/data/index.js IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash02e14199f9c8eede036fa1665e029aa2 9bcc30fa7aaa6b192b0df4d6b4875bb718782f44 2cad375d14b65d78f0171bb6c0a5d4ddc664503c05903d8ab3a6fc0e8ab6637a
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /data/index.js HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: application/javascript
last-modified: Sat, 08 Oct 2022 06:49:31 GMT
vary: Accept-Encoding
etag: W/"63411d7b-1176d"
expires: Tue, 06 Dec 2022 10:04:29 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/ru.svg | 104.208.97.16 | 200 OK | 419 B |
URL HTTP/2metamaskwallet.life/img/ru.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hash9d3018d404917cd55fdc77e7d689402b 7434bb8acef8b3a489d86511b701a0a68001fab9 dfc8d80e8e291c21eb25698aa3dd45040e05da4842d32af1d800272123f8e363
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/ru.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 419
last-modified: Sat, 08 Oct 2022 06:49:36 GMT
etag: "63411d80-1a3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/ar.svg | 104.208.97.16 | 200 OK | 1.1 kB |
URL HTTP/2metamaskwallet.life/img/ar.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hashc4c595e05989384060fc5f46f49739ee bb54c1a86905c713dfcee808a7b2c992cb07337d 7372aeb380e8d68845c008d6f83a62aee08f7330a026d86560671f00596ef4ef
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/ar.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 1066
last-modified: Sat, 08 Oct 2022 06:49:31 GMT
etag: "63411d7b-42a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/ua.svg | 104.208.97.16 | 200 OK | 696 B |
URL HTTP/2metamaskwallet.life/img/ua.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- HTML document, ASCII text, with CRLF line terminators Hash2073aafeafbd407ab512e1c51d86ab78 628c216257fe6d02ec2e993a97eca4eef9944712 4e02f61dba85c2fdad5a68434c7abc8e83fbbb2fef97c92dcc61a373a82052e8
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/ua.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 696
last-modified: Sat, 08 Oct 2022 06:49:37 GMT
etag: "63411d81-2b8"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/nl.svg | 104.208.97.16 | 200 OK | 457 B |
URL HTTP/2metamaskwallet.life/img/nl.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hashcd7e96dd94e8f6045c7cb3fdf1857414 cc61a20a453d1b1e45b85431cb0430d554f96089 2ab9c04aacd88f8844e78a619caecc9ba23bba3ceba92d998878bf5bdd390a7f
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/nl.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 457
last-modified: Sat, 08 Oct 2022 06:49:35 GMT
etag: "63411d7f-1c9"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/zh.svg | 104.208.97.16 | 200 OK | 1.9 kB |
URL HTTP/2metamaskwallet.life/img/zh.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hashafbf4f8628355f9ac73e026f8a2aacef f9809caa479fb211a4614a1f6709eb77c46fb447 96cd2d0fa97171ddb9c6934b7a97830f4ca42d11a366505b2a818d38571f9bb4
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/zh.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 1902
last-modified: Sat, 08 Oct 2022 06:49:38 GMT
etag: "63411d82-76e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/ja.svg | 104.208.97.16 | 200 OK | 555 B |
URL HTTP/2metamaskwallet.life/img/ja.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators Hasha6d7b358f72d8534f50cdaa21e73d03a 0704c8083fc25ed5be3613f1432b9c992cb81005 7eadf43167f3a4b5d6d966a44b0079a785450172bf397d8a3477d732344277b1
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/ja.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 555
last-modified: Sat, 08 Oct 2022 06:49:35 GMT
etag: "63411d7f-22b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/wallet-illo.svg | 104.208.97.16 | 200 OK | 36 kB |
URL HTTP/2metamaskwallet.life/img/wallet-illo.svg IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typeSVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199) Hash63ad7f01f67accd6aafb47999640abe5 5ed10575a1a39d5b02840416a281fb1e655bd423 596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET /img/wallet-illo.svg HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:29 GMT
content-type: image/svg+xml
content-length: 36437
last-modified: Sat, 08 Oct 2022 06:49:37 GMT
etag: "63411d81-8e55"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/5OUzGQmzOnMzYZDpRzvSjp/a963c84101729a54fade58e13046bca4/dapp-compound.png | 54.230.111.77 | 200 OK | 11 kB |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/5OUzGQmzOnMzYZDpRzvSjp/a963c84101729a54fade58e13046bca4/dapp-compound.png IP54.230.111.77:0
File typePNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data Hash3818f9cfccbd94fad91a10d3c5ee356c 7c6af849177aa8bf6ef9bcbf801dc375e1997900 20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
GET /9sy2a0egs6zh/5OUzGQmzOnMzYZDpRzvSjp/a963c84101729a54fade58e13046bca4/dapp-compound.png HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 11355
date: Mon, 05 Dec 2022 22:04:30 GMT
last-modified: Thu, 14 Oct 2021 12:27:51 GMT
etag: "3818f9cfccbd94fad91a10d3c5ee356c"
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cpilsKOL6_in0RVOtQLp28KJGpiH2XvDngOPItGY4auWcwCXsqNPcg==
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/img/icon-48x48.png | 104.208.97.16 | 200 OK | 4.2 kB |
URL HTTP/2metamaskwallet.life/img/icon-48x48.png IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
File typePNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data Hash7688ebe09d93b68eb4a23536f7b7aefb 5b33f4a405eb2f178146d1016fbf2046c1c77866 918a76a5bebc21af888b92725ad9207b7c6886f6035d5b5115999251b58ba9e8
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | |
GET /img/icon-48x48.png HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:30 GMT
content-type: image/png
content-length: 4210
last-modified: Sat, 08 Oct 2022 06:49:34 GMT
etag: "63411d7e-1072"
expires: Wed, 04 Jan 2023 22:04:30 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| metamaskwallet.life/ | 104.208.97.16 | 200 OK | 0 B |
IP104.208.97.16:0 ASN#8075 MICROSOFT-CORP-MSN-AS-BLOCK
| Analyzer | Verdict | Alert |
|---|
| openphish | Crypto/Wallet | | | fortinet | Phishing | |
GET / HTTP/1.1
Host: metamaskwallet.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 22:04:27 GMT
content-type: text/html
last-modified: Sat, 08 Oct 2022 06:49:26 GMT
vary: Accept-Encoding
etag: W/"63411d76-1647e"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.youtube.com/embed/YVgfHZMFFFQ | 142.250.74.110 | 200 OK | 0 B |
URL HTTP/2www.youtube.com/embed/YVgfHZMFFFQ IP142.250.74.110:0
GET /embed/YVgfHZMFFFQ HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 05 Dec 2022 22:04:28 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=osJukCKX0a0; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=8rfl2Wrbzcs; Domain=.youtube.com; Expires=Sat, 03-Jun-2023 22:04:28 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+645; expires=Wed, 04-Dec-2024 22:04:28 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg | 54.230.111.77 | 200 OK | 0 B |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg IP54.230.111.77:0
GET /9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:25:00 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 05 Dec 2022 04:00:57 GMT
cache-control: max-age=31536000
etag: W/"afeafb6a9f14bd7771c63015be5a05c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u8HtfeLuj3vTH6HrDCcJUcGqiYuKF7UKwNNnZsJcjOp-YUMqMilSpQ==
age: 65013
X-Firefox-Spdy: h2
|
|
| images.ctfassets.net/9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg | 54.230.111.77 | 200 OK | 0 B |
URL HTTP/2images.ctfassets.net/9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg IP54.230.111.77:0
GET /9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamaskwallet.life/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:32:54 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 05 Dec 2022 03:52:34 GMT
cache-control: max-age=31536000
etag: W/"46fb450c5ecf6da758bca0975551f056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NNVnAPm0rRfpccqqkJlYKoRJftq84gnSnXfjKdshQiAGm3Fb4AB8ZQ==
age: 65515
X-Firefox-Spdy: h2
|
|
0.0.0.0