r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4283
Expires: Thu, 06 Oct 2022 02:14:35 GMT
Date: Thu, 06 Oct 2022 01:03:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.65 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.65:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s92_OnregoQbFIJI0DykkjQSDg9OyTmFICByAbG2zLgnvYk_bJMx0g==
Age: 33354
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5173
Expires: Thu, 06 Oct 2022 02:29:25 GMT
Date: Thu, 06 Oct 2022 01:03:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: aK7IBJfBQbrFml3avPPPwEeDPqjeXJT+M/0OLo+fHArZSM6QJNo2DA7XMtlSKOoRC4E35ryujVQ=
x-amz-request-id: DRZ6FMRCJWEZ28E3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 00:58:31 GMT
age: 281
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ethers-airdrop.org/
188.114.97.1 200 OK 2.2 kB IP 188.114.97.1:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (4759), with no line terminators
Hash c1549e9026cc6d80b95e3702d435503e
5ea4abd092ac03077575976b9130122dd65d9e88
afbd25601ed1a21f5ba44296b4e9981fcdf081b8e067597376ce91af7769200c
Analyzer Verdict Alert phishtank Other
fortinet Phishing
GET / HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:12 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
cache-control: public, max-age=0
last-modified: Sun, 02 Oct 2022 16:25:59 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3em6NxLfKCHA9pLwKg7t2lzbjhdERrCZEJu27DQKsxeLy81joENT7bX7KqCnRc5jcWEfqPozWU9oKKG184627cxeoAJMF55zoBM8Gbixns3nHK58YFuyHuwwZitaCDXQdz6QzQw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79d70ef7b529-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 01:03:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
104.17.25.14 200 OK 3.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.7.2/animate.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (57919)
Hash 4a8baa45fecbff51b8b9863b95788c9f
1dbc7f159b53fbd717d8cff486a39373d09aecfc
3a9ca2c9d6a36ce0283f1bc2502912ffb17c2acf9421d3b0ffd81a6be92b63af
GET /ajax/libs/animate.css/3.7.2/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ethers-airdrop.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 01:03:13 GMT
content-type: text/css; charset=utf-8
content-length: 3511
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-e311"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 10467674
expires: Tue, 26 Sep 2023 01:03:13 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCKUmiuTRR3MW3IQ2jzc%2F6dB6nSrqg6Clpsc1lu5N6Zy%2FzRME%2FDhexicw0ayE%2FvhClTIVvv9bAYtiVolDIObnIe6DmFvwgfJHgMF0p2haIWr4X96ZAQ06h9h17S16tfPgj1rhNlP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755a79da5bfcb50c-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.65 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.65:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 00:29:33 GMT
Expires: Thu, 06 Oct 2022 00:55:57 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: h7cOSRDR5_51obEaQdOqiCkLRFSNXCLmHicFn4XXVbXcmkLNCFoVkQ==
Age: 2020
ethers-airdrop.org/static/js/3.7c8990b9.chunk.js
188.114.97.1 200 OK 334 kB URL HTTP/1.1 ethers-airdrop.org/static/js/3.7c8990b9.chunk.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (65462)
Size 334 kB (334229 bytes)
Hash 3a0690ab487c321a1eea2cf8d369afc9
a41263abaf351693bae73989fb230d9b427348a0
bc4192444c46d0d516c3980d869e4cf402f70dd3fe559e47312f921575fc127f
Analyzer Verdict Alert fortinet Phishing
GET /static/js/3.7c8990b9.chunk.js HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:13 GMT
Content-Type: application/javascript
Content-Length: 334229
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkJxsL4MzGnk6zRkbFEqycfym9BHoX1YsRKR4ucSRBcveFVciWlTYjV20oJtptN0bHz1KfjzpcMQDhIs54UJY2FE6DShHWpXNfdmXCtlf7N2%2BLnby%2BRhPyG4RfySG3k8QpeSjYU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79da4a44b50f-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/static/css/3.ca6dcbae.chunk.css
188.114.97.1 200 OK 701 B URL HTTP/1.1 ethers-airdrop.org/static/css/3.ca6dcbae.chunk.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (3870)
Hash c2c2463c304cddc21e5d7e9b7dd78a85
e8d78aa0129ed1ddfcdff2660265550d4403bcf3
f92b3bed75f9a83755ed573f536a2a54a561c308520adba7d38d07b36f931dc8
GET /static/css/3.ca6dcbae.chunk.css HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:13 GMT
Content-Type: text/css
Content-Length: 701
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K4scc341ICN%2FeM3rX9YIBBUelnklUxKPyABgnTujPLW%2BgQbDEplTbUsMiTS7bCByrFhzDu6p9jhfEMvZBNrhpibV%2Fil86BdK22QTuZroq%2B220gul%2BXaczwJhfGBOtcY%2BkC1Qzpo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79da3ec1b517-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/static/js/main.c4084d79.chunk.js
188.114.97.1 200 OK 14 kB URL HTTP/1.1 ethers-airdrop.org/static/js/main.c4084d79.chunk.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (50113)
Hash b3e35473b0320cea6039560fff373658
d5aed2d5dfe57d2ff2093e72c76dad9a3c9ed4a6
6c0a389888b72dcbfa502c45d9fb7b23bcfa6854cdf61fc02d3063c4ea6804af
Analyzer Verdict Alert fortinet Phishing
GET /static/js/main.c4084d79.chunk.js HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:13 GMT
Content-Type: application/javascript
Content-Length: 14470
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=50oUSJmBOhqPqV2hu1n1MHeW0sFIAzN86shAxDopywDBbQ%2BK4VX%2Bs1MDIUBrfcxVyPViWnWjcBYrPNdyYI1u450MDeiH9Uic4tPnqOGo6bvJx2XEhpuZllU4jcdsBd%2BaYIQUeFA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79da4a5ab50f-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6206
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 01:03:13 GMT
Last-Modified: Wed, 05 Oct 2022 23:19:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ethers-airdrop.org/assets/fonts/LULO%20CLEAN.ttf
188.114.97.1 200 OK 15 kB URL HTTP/1.1 ethers-airdrop.org/assets/fonts/LULO%20CLEAN.ttf
IP 188.114.97.1:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh; data
Hash da22a527d3380e050688028c0cbdd186
62f22a4fe77d57b703dfcda459282b92de205582
4e28d78dafd1588865934856e0e332a190f18627e6f9284cef51db8895eb3ad5
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/LULO%20CLEAN.ttf HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:13 GMT
Content-Type: font/ttf
Content-Length: 14884
Connection: keep-alive
last-modified: Thu, 28 Jul 2022 01:29:58 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=94rMfASUX8%2BUznys9DnJdTAIuiLvqEE58cmmDQS8vzT5n8l32tkOUO8UaeAkDluxB0sMpuGQaLYZF1tXsZJS%2FubZTJF7rzpY8L4YUMjtumcPjY12aYXuyXjdfTqLHj2Wbm26TY4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79da3883b529-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
54.69.181.45 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: KEMCjc4BhsfzMZDBG7k4Gg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: iciwTyRsrrwMzYKDlb9vSqc7NO8=
ethers-airdrop.org/static/css/main.aab11350.chunk.css
188.114.97.1 200 OK 721 B URL HTTP/1.1 ethers-airdrop.org/static/css/main.aab11350.chunk.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (1697)
Hash fe25d4aae1609a0143294ea11a749c27
fc83df4b5cf71e68270c23b5da81fa2908a1f6ba
84e9accd2ecac70302452fe7ac724b11f8de773ba641b5167b40849a61a98e29
GET /static/css/main.aab11350.chunk.css HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:14 GMT
Content-Type: text/css
Content-Length: 721
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNRSoz8lZRD6zsBU4GLApXzkmGieWZW5O%2FhF5rP7COFTPczkkfoRmWqscswBRxrK27AHz5DaKz7Ae3wgzDDjwi3llcxOGGvGp6nCZQJ2eqqkeGArxmKM0lRxP0DIq1Ol7ijm4pk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79da4ed9b4f1-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/assets/logo/undefined
188.114.97.1 200 OK 2.2 kB URL HTTP/1.1 ethers-airdrop.org/assets/logo/undefined
IP 188.114.97.1:0
File type HTML document text; exported SGML document, ASCII text, with very long lines (4759), with no line terminators
Hash b16b1cb3ebed79841ce53f44b3567856
ca09154f06519c28cedc66894c74a9c160ce2cfe
d2c66f54b9358e9c1dcd867a9a4d2d328b69be45a72e7921ea0cf171ccf9291c
Analyzer Verdict Alert fortinet Phishing
GET /assets/logo/undefined HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-powered-by: Express
access-control-allow-origin: *
cache-control: public, max-age=0
last-modified: Sun, 02 Oct 2022 16:25:59 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RTP6whx9RLlnmkF68SqU%2FNjrAcda4sHN2qteO7HBOobofpQ88wIGVNl1r9RPD72u9u2lMW2%2FwlTnBdp6h1r%2FDCnFy4XZkQFyepyTF9yasi2M3JQ5kYbEFben4iXCxwwYWLetqpI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79e3d9b4b50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:03:14 GMT
Connection: keep-alive
ethers-airdrop.org/static/css/5.7fc9bc2b.chunk.css
188.114.97.1 200 OK 2.4 kB URL HTTP/1.1 ethers-airdrop.org/static/css/5.7fc9bc2b.chunk.css
IP 188.114.97.1:0
File type ASCII text, with very long lines (27968)
Hash 387026ebc52c22075684d729a204c0e4
d1934512a4f806d5afa3f411e7ed8114aa129281
f5a2a25460e11fc2d1c4be71923d2458efb58ba85040be0885811277103957f0
GET /static/css/5.7fc9bc2b.chunk.css HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:14 GMT
Content-Type: text/css
Content-Length: 2417
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Fr5JRZpxZvB7FqVK0LKz1M7HaQLCJux7gHC%2F1OrIULgcMbDLIBV%2BLzVLLhNmiRzyR3mxyYWbfTxrvXJI4z71iEccKNt5rnE6zqTjiW27AE0P87EIxy%2FEmI2mTumHM36KbyYxaww%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79e3facfb4f1-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:03:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:03:14 GMT
Connection: keep-alive
ethers-airdrop.org/static/js/5.369f03df.chunk.js
188.114.97.1 200 OK 21 kB URL HTTP/1.1 ethers-airdrop.org/static/js/5.369f03df.chunk.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (65462)
Hash d8cd2035680cd7e43b342930d64a2ff7
335f2c09496ae6e3063c5f750c5e1109afdeb155
dbb6041919e95b06fbb15a5d20b4326af35a43c8d5e64671c71bd1578faac114
Analyzer Verdict Alert fortinet Phishing
GET /static/js/5.369f03df.chunk.js HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:14 GMT
Content-Type: application/javascript
Content-Length: 21175
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hKPjlOw0qmCJMqennnRJcQXmTLVw5UGBtpr0K84UeFC%2Ft%2BOMDjRz3xG%2BMSiXSC%2BQYFf4%2Fjhz16rQtQVGw3hONxK9wvfqIXwbrmXQYLzN3Y6KkBxr10LzgnF3jTqmvcDw5%2B%2B73eg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79e3fb06b517-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/static/js/6.ad2ca595.chunk.js
188.114.97.1 200 OK 5.2 kB URL HTTP/1.1 ethers-airdrop.org/static/js/6.ad2ca595.chunk.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (17727)
Hash db7a174117e7c5e28acb252031863d3b
d65bbd029f5606223fcab82ff5ee8ee8fad80946
34d3419aeb2ce443e867bfb8cf98966f120b0c967b2be883c536d0dd613ef736
Analyzer Verdict Alert fortinet Phishing
GET /static/js/6.ad2ca595.chunk.js HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:14 GMT
Content-Type: application/javascript
Content-Length: 5188
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PkUImlJ9GBb53yYvxRHl6XUHtFPAUyxdU4G45kM1hGFeBmlEo2rrtEzlMyXvILLJQpSpsgejOfLlkkn9oRQuNkRCzvuv56nQHFnQxzr5Pz6NcnYL1Ubze8ic6kvNugei%2BKm3dI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79e3fdbbb529-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:03:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10330
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 01:03:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 57f90a95d91632baf3b89d7b3b46361f
0f37ee870c8855919900c99204ffffe736548a3f
a3449e46854b90fdcda4a0ba83b4b0892a7888b17211d814c0db930116bb9a32
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d3175ca-da8b-4a6f-a315-9f1d92299891.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6693
x-amzn-requestid: 1531f482-cdf5-4506-ba1c-18a66173457b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQNxF45oAMFxJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa57-28e8e572281d5f110c26dcf1;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:47 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: EimZGdrj091jlG994mCq23siOMuN9SVgRGfKRMGeZW_nifQS_yUXaA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d2575afea3774df33dcf5e5ff475025e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:48 GMT
etag: "0f37ee870c8855919900c99204ffffe736548a3f"
content-type: image/jpeg
age: 11066
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ethers-airdrop.org/default.json
188.114.97.1 200 OK 283 B URL HTTP/1.1 ethers-airdrop.org/default.json
IP 188.114.97.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (305)
Hash e4334e521a27292f907c5d6d7c708425
1c130408142fa2b812b7474dd0946270ffce1c0a
e776eee8e89d6250ba68f0b105cf4b6aefce05edebf3ef99fef84ae2464271f8
Analyzer Verdict Alert fortinet Phishing
GET /default.json HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:14 GMT
Content-Type: application/json
Content-Length: 283
Connection: keep-alive
last-modified: Wed, 27 Jul 2022 05:23:26 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jp%2FjDr7xZ%2BvLWX28pToxYFbptmNMEzQYob%2FJQphXWaRqGOxAoVTkuwOaCQjba8KoeT0COwcxPRG5AxJ3CAWHgtc6zfv7%2BM25%2BEk4CHuSaif2PV9oNaZbD9MVvre3yfIaGDm1okA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 755a79e40e20b518-OSL
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 10436
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e238ccaa3b9fa88476a8514855e8232f
447cbf348ef10d0136a1811e843c46937defbba1
43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7270
x-amzn-requestid: e5d0bb7a-b9d5-49b1-b51c-8db019da641f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQOGEQloAMFjgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa5a-519d91fb0b83920960da479d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:42:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: l1HGT5ycH36vVojsOPFptRSU1YJFvLbBsgiWJqzRlRIGgm2o5vf6jg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:56 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
content-type: image/jpeg
age: 11058
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5958f828ccc16a41b22d9ae812bccfc
f350f295dd70152712162d4be5b3b5f0d12cde57
230d7d8e570e433d18ec53b6ca114e2a206e8c265c0c66d73388c49db5c91c64
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa6646df0-31a7-4c5a-8148-5fe9e20f3baf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9338
x-amzn-requestid: 4ca2eb3c-eba4-43a4-b79a-89546da3d660
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQBfG7soAMF9cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfa09-1b5bd53052718f620b920a00;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:41:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 6pHftE0vUMqrH2NR_7DzrWlnD0yal7BkAfee7UeVG7DKZNEAYRa9HQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d1d67b07408bba8c682597d8303642e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:03:23 GMT
age: 10791
etag: "f350f295dd70152712162d4be5b3b5f0d12cde57"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e2d931d10ab5596a26616db46797f248
03bc7fa2fe6a4b291dc3ffb3ace50e21cf6478f4
15ac08b069bf5128c8def9d261ce1bd3834fbe7bbb17c49b69c07330a9f325fa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e949d36-f543-4757-9bc2-dbfc1a880438.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7597
x-amzn-requestid: 1c7002f7-2369-4547-82ff-b873f7b055b9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZdZPmFarIAMFTtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633ba263-785f9ddd7c8485be32388494;Sampled=0
x-amzn-remapped-date: Tue, 04 Oct 2022 03:02:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 9EP_hd2oRC9R-2ihddWSJIUV5xTGSiUOxNfAypAFXtiyU6ofgKVGzw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:26:34 GMT
age: 74200
etag: "03bc7fa2fe6a4b291dc3ffb3ace50e21cf6478f4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 75425
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ethers-airdrop.org/static/media/roboto-latin-400.176f8f5b.woff2
188.114.97.1 200 OK 16 kB URL HTTP/1.1 ethers-airdrop.org/static/media/roboto-latin-400.176f8f5b.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 15736, version 1.0\012- data
Hash 479970ffb74f2117317f9d24d9e317fe
81c796737cbe44d4a719777f0aff14b73a3efb1e
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Analyzer Verdict Alert fortinet Phishing
GET /static/media/roboto-latin-400.176f8f5b.woff2 HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ethers-airdrop.org/static/css/3.ca6dcbae.chunk.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: font/woff2
Content-Length: 15736
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ftG4wGBRr2svZKPHMQ4VlRzWfpFHC6EHxzFZsNI%2BQB9qZdBU%2BLnrmNzAGEbP9Jwznt1USeo%2BEAr0jc%2BDpFkekczlkqplPxxUlkoIheEKdHEU6cXrbzDF4g75ZsObG8wZ4Xtj9FQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e34964b50f-OSL
alt-svc: h2=":443"; ma=60
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 0e79b2383cac2baf79d2527702c4767b
0f98f7017d3530ca0ccbaf7da6f5dc1b55d63347
e71f579b911cd759f591393bc408e0e393b5e38232e6aabbbaafcc8054512d6f
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 17:39:00 GMT
Expires: Wed, 12 Oct 2022 17:38:59 GMT
Etag: "0f98f7017d3530ca0ccbaf7da6f5dc1b55d63347"
Cache-Control: max-age=577543,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 755a79e6ba80b521-OSL
ethers-airdrop.org/static/media/roboto-latin-500.f5b74d7f.woff2
188.114.97.1 200 OK 16 kB URL HTTP/1.1 ethers-airdrop.org/static/media/roboto-latin-500.f5b74d7f.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 15872, version 1.0\012- data
Hash 020c97dc8e0463259c2f9df929bb0c69
8f956a31154047d1b6527b63db2ecf0f3a463f24
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Analyzer Verdict Alert fortinet Phishing
GET /static/media/roboto-latin-500.f5b74d7f.woff2 HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ethers-airdrop.org/static/css/3.ca6dcbae.chunk.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: font/woff2
Content-Length: 15872
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNUf0%2Bz17hoTxyM%2FjwaywHqBiu49280dGFS8gwi1GtQBdBDr75PP6Lwf0QhNWixQRvb0FdGZJd2oflxebING6UubX9lCUwJ8oyajMWuHx1O6mMXxbA89CKkUYET1z1ll%2B71gieE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e67ad9b50f-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/static/media/roboto-latin-300.37a7069d.woff2
188.114.97.1 200 OK 16 kB URL HTTP/1.1 ethers-airdrop.org/static/media/roboto-latin-300.37a7069d.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 15784, version 1.0\012- data
Hash ef7c6637c68f269a882e73bcb57a7f6a
65025b0cedc3b795c87ad050443c09081d1a8581
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Analyzer Verdict Alert fortinet Phishing
GET /static/media/roboto-latin-300.37a7069d.woff2 HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ethers-airdrop.org/static/css/3.ca6dcbae.chunk.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: font/woff2
Content-Length: 15784
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ae9pY%2BJT7wape7A%2F%2FjPwt9SnI4nFASqUndGZqjm6cL4x%2BMkpvwdNM9EeeALTOHBvSGU55B3Ju1jc4c3inEcEf8k81pAoMPyRqkcPb45q8p4xx7KVjeQm6fygWoqN7L04RdRqbRA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e71c0bb4f1-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/assets/images/marketMobileDashboard.png
188.114.97.1 200 OK 3.6 kB URL HTTP/1.1 ethers-airdrop.org/assets/images/marketMobileDashboard.png
IP 188.114.97.1:0
File type PNG image data, 227 x 417, 8-bit/color RGBA, non-interlaced\012- data
Hash a571b231f9a9c57dbce29e264add8b04
7ff70a672d69db936f9564b0abf9a9f3e504564e
71cf7ee85594cf709414f0c0789159419175a4cb74a43fb11ede9d1f10c55a79
GET /assets/images/marketMobileDashboard.png HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: image/png
Content-Length: 3649
Connection: keep-alive
last-modified: Thu, 28 Jul 2022 01:29:58 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T9CAA3Z9rD%2FqCAQ9tDrWlffzwVEgIqDFJs%2BMddr5Jkbuet9LzHrOBoNV5WCbAUrlUnVOxj2E76jtNdb3P4rwMP5n02DyZprVP8OEa4QjF7BzIwq4qsDDi0Fyy5nJF5NopXBFaOQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e75f8eb529-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/assets/logo/VLAUNCH.png
188.114.97.1 200 OK 11 kB URL HTTP/1.1 ethers-airdrop.org/assets/logo/VLAUNCH.png
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Hash 6c78477764512f3a0099ada0ee3ce6ce
0cbe39ae78502eda6ebfabd689b32640a32fee41
ab2ebc5138f2ecef13ef721e15338402e7aa48f6997712751aac60d68b3c02e3
GET /assets/logo/VLAUNCH.png HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: image/png
Content-Length: 11256
Connection: keep-alive
last-modified: Wed, 27 Jul 2022 05:23:28 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ou9r4%2FGUJem1btIbtthLpFa2AoAuSaqVRzWosLGtXWyqMSrpQsydEovDwhTXggd9AiOUcEYNIqpaTSJi2mS4byDP%2Bv3juk%2FdUu0gkm6u4djG6TowRzgX93rYuw88KlfplnHp4EY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e79b56b512-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/static/media/roboto-latin-700.c18ee39f.woff2
188.114.97.1 200 OK 16 kB URL HTTP/1.1 ethers-airdrop.org/static/media/roboto-latin-700.c18ee39f.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 15816, version 1.0\012- data
Hash 2735a3a69b509faf3577afd25bdf552e
8621aff863b67040010ccc183da5b9079ce6fd1d
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Analyzer Verdict Alert fortinet Phishing
GET /static/media/roboto-latin-700.c18ee39f.woff2 HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ethers-airdrop.org/static/css/3.ca6dcbae.chunk.css
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: font/woff2
Content-Length: 15816
Connection: keep-alive
last-modified: Sun, 02 Oct 2022 12:25:18 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tUSJkO4qfUXWdU3oFc%2BLk8Vpu41w3OZC4cW6pvJzqguYxYF0MLmxtWaxjFlQwWM0uVikWFGrsH70D81xQSu%2FFu9ndZQA2FUOHNtZiSomy5AtwCnSAI4VyPE1pFQVecfY3giC4Dw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e71c3ab517-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/assets/images/VLAUNCH.png
188.114.97.1 200 OK 11 kB URL HTTP/1.1 ethers-airdrop.org/assets/images/VLAUNCH.png
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 640x640, components 3\012- data
Hash 6c78477764512f3a0099ada0ee3ce6ce
0cbe39ae78502eda6ebfabd689b32640a32fee41
ab2ebc5138f2ecef13ef721e15338402e7aa48f6997712751aac60d68b3c02e3
GET /assets/images/VLAUNCH.png HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: image/png
Content-Length: 11256
Connection: keep-alive
last-modified: Wed, 27 Jul 2022 05:23:26 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aTUuNMIHbBqL45DMNz7CdlLXQqGH5bDSRsQOEonVqtmqIhMynwyfYi9VasZLAXeaqzhE7Fz2yb31hXozCnchUPBGPGvkBV7NcHjFy3IXvqwb074tdxTl5eYtku%2Fj7bSrN953Gb4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e8fbdeb50f-OSL
alt-svc: h2=":443"; ma=60
ethers-airdrop.org/assets/images/homeBackground.jpg
188.114.97.1 200 OK 834 kB URL HTTP/1.1 ethers-airdrop.org/assets/images/homeBackground.jpg
IP 188.114.97.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 144x144, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2], baseline, precision 8, 4964x2954, components 3\012- data
Size 834 kB (833473 bytes)
Hash 7cda148ca7a8a751fc7e4319708e1dae
90da4f7b2de984cab5745c47e7f510ded6b0a298
2ba4116bebfb7a97f981f2d09f5d60af56ec3cffdc3cc369cf945f1b3b984932
GET /assets/images/homeBackground.jpg HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:15 GMT
Content-Type: image/jpeg
Content-Length: 833473
Connection: keep-alive
last-modified: Thu, 28 Jul 2022 01:29:58 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=11DtE1UYhJ1RJjZNnugTE63bZ9UqF1Sfz8ckru03tbu0abPnovJ2tKFOkkjVxfGP574kpi8lvculBBLLl7kDKkqKmClywoo9dS6Do2H4e0eRs96IhhAMv%2FpBsmACwE7mzG0agpI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79e71b0ab50f-OSL
alt-svc: h2=":443"; ma=60
spotairdrop.orbitinu.store/get-switch
162.213.255.10 200 OK 4 B URL HTTP/2 spotairdrop.orbitinu.store/get-switch
IP 162.213.255.10:0
File type ASCII text, with no line terminators
Hash b326b5062b2f0e69046810717534cb09
5ffe533b830f08a0326348a9160afafc8ada44db
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
GET /get-switch HTTP/1.1
Host: spotairdrop.orbitinu.store
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ethers-airdrop.org
Connection: keep-alive
Referer: http://ethers-airdrop.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-powered-by: Express
access-control-allow-origin: *
content-type: text/html; charset=utf-8
etag: W/"4-X/5TO4MPCKAyY0ipFgr6/IraRNs"
content-length: 4
date: Thu, 06 Oct 2022 01:03:16 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ethers-airdrop.org/logo.png
188.114.97.1 200 OK 41 kB URL HTTP/1.1 ethers-airdrop.org/logo.png
IP 188.114.97.1:0
File type PNG image data, 500 x 500, 8-bit/color RGBA, non-interlaced\012- data
Hash 1e710c0384aa9e7ccf5bef4fbfdd0f6d
f23146e850de9f2d3f043d0b76d047e7738976c9
1f1fbd642c44f1e7843d54b60a4e452a633550d515310afcabb188ad7a47d891
GET /logo.png HTTP/1.1
Host: ethers-airdrop.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ethers-airdrop.org/
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 01:03:17 GMT
Content-Type: image/png
Content-Length: 40704
Connection: keep-alive
last-modified: Thu, 28 Jul 2022 01:29:58 GMT
x-turbo-charged-by: LiteSpeed
Cache-Control: max-age=14400
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7vkTuuP4Ok3zga5Rffu%2FkfX7DnmRCYAKxAkj47cFX6FEvVRFocAJ2C1tKZ9kUUENWa7nV%2F8%2ByQugsNQ1H5eAHRB0HJVNdKffse9nN78rJjAKxH%2BxLgzVpK4Ms3%2FFzdCNQ4D5CM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755a79f2d83cb50f-OSL
alt-svc: h2=":443"; ma=60