r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e717435470c9f4f06b174d7100c6a98f
292150251495b243c384e0c676a258597ba7f4d8
91ce8257662cb8cea9cc3c74cda1d95dba421daa466b0ac231fa433e0c58e6c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "91CE8257662CB8CEA9CC3C74CDA1D95DBA421DAA466B0AC231FA433E0C58E6C6"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10372
Expires: Wed, 28 Dec 2022 21:27:40 GMT
Date: Wed, 28 Dec 2022 18:34:48 GMT
Connection: keep-alive
metamasknev.dedyn.io/secure.php
194.49.94.116200 OK 5.7 kB URL HTTP/1.1 metamasknev.dedyn.io/secure.php
IP 194.49.94.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Hash 252850d75f0bd22f6e0cd905b9cd1933
21da437c53b96a1d9876b49f8ceabf27171c01aa
e4a87103f56d6800aa5a07b048535aaa99f20f10ba9eaa45b544ee93a92bf8a7
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /secure.php HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 5655
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 07e619a5a572fa9bcb54fa70de27f0d4
c0499dcc7551831f517f189465812859d0f48ced
2213c856ce4dd64ebe28e4deff34d449b2c08be98565c0405427453ae948fa74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2213C856CE4DD64EBE28E4DEFF34D449B2C08BE98565C0405427453AE948FA74"
Last-Modified: Tue, 27 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7261
Expires: Wed, 28 Dec 2022 20:35:49 GMT
Date: Wed, 28 Dec 2022 18:34:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 259d3eba2ac4ea32f0410a59bd01c18a
ab02cd69e6c04e3842ad1778fb0daa6d0e86fddc
0d6ec941dac6d97a0b24c0cf00a5642a4edda68ae5ec8b3019d1ec05f40d2281
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0D6EC941DAC6D97A0B24C0CF00A5642A4EDDA68AE5EC8B3019D1EC05F40D2281"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9006
Expires: Wed, 28 Dec 2022 21:04:54 GMT
Date: Wed, 28 Dec 2022 18:34:48 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: dauYwXECk8QnMWvPH+eQ5rd2MHxgeVjtu+BbpNeRoS1p+/mkcZKLJXCQDrUptbgsm01BsclTTlg=
x-amz-request-id: MAN1TYS8E4GDJ5T2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Dec 2022 17:56:16 GMT
age: 2312
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Dec 2022 18:34:48 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 28 Dec 2022 17:46:47 GMT
content-type: application/json
age: 2881
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
metamasknev.dedyn.io/meta/normalize.css
194.49.94.116200 OK 2.7 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/normalize.css
IP 194.49.94.116:0
Hash b165f8d0baec3b8976de14634861b941
f7eabfa6844712979ef5e274f275c5be39fdc86f
91404eaa9c2b59e842d6694c3bb2128e21253a1780a4a75e33571ed659bd4d8e
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/normalize.css HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Dec 2022 18:20:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e604-1e5c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
metamasknev.dedyn.io/meta/plx.chock.js
194.49.94.116200 OK 311 B URL HTTP/1.1 metamasknev.dedyn.io/meta/plx.chock.js
IP 194.49.94.116:0
Hash bc6a4fa1a731b1746c1d21f104bd6064
865b9fd0868954c03f838366eb2449bab5d388d6
d88bca135a10c80b24a4185a4a08f209c151d82c946a9327ef58590fa12e211b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/plx.chock.js HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Last-Modified: Mon, 26 Dec 2022 18:20:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e604-d41"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c6af90f016d8e2a96c05a34ddb9ebbab
f1440025eeec8413fbe4e8d6a49779d1c8cdd9ef
77c0e58bd42f70ec82dcbc502a00e4cca6bf4c198c049a2a0181ba6008d14441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
metamasknev.dedyn.io/meta/storage.secure.min.js.download
194.49.94.116200 OK 13 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/storage.secure.min.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (38562), with no line terminators
Hash 79e7d68549291cc082c85f94b73ee13c
e065402b005d2fd7105c9a12adf961a58a4deb96
0adedf6a93b53bc365a213c28a4b10d8af539d8fe55c283cbd3c532a0bc0875a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/storage.secure.min.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Content-Length: 13194
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:58 GMT
ETag: "96a2-5f0bf3269337a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/css
194.49.94.116200 OK 684 B URL HTTP/1.1 metamasknev.dedyn.io/meta/css
IP 194.49.94.116:0
Hash 147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/css HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Length: 684
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:39 GMT
ETag: "2ac-5f0bf3147b484"
Accept-Ranges: bytes
metamasknev.dedyn.io/meta/tag.js.download
194.49.94.116200 OK 7.5 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/tag.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 3bdf59c9ec85ec43d46e5cf9edda2e96
a06ccc8d75554a7e44dd8ce9656e90420b42f38b
d964494995ee4b7de40b3569370e33773c447c759a21fbb3e746e53b61449b35
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/tag.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Content-Length: 7541
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:59 GMT
ETag: "5494-5f0bf32791211-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/webfont.js.download
194.49.94.116200 OK 5.4 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/webfont.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (2134)
Hash 3fce8a085ab686f338e296d255f36db1
2da74358f4d36675c1bfa6ee5ee489e6e54bf401
9f9bbf22ba311465b6bb4c6944f94e2b97caea58227fafef64cf18b9181099c6
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/webfont.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Content-Length: 5415
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:21:02 GMT
ETag: "3384-5f0bf32a75611-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/analytics.js.download
194.49.94.116200 OK 20 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/analytics.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (1325)
Hash 10a56c6d4548a14f26148658875fad03
6610f39acded54bb7561df9319bd118c46446578
83cac08947ffc888ac5ba674433da3d3b5fda4c988923228ca36aa94b919943b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/analytics.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Content-Length: 20042
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:37 GMT
ETag: "c41d-5f0bf311e23aa-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c6af90f016d8e2a96c05a34ddb9ebbab
f1440025eeec8413fbe4e8d6a49779d1c8cdd9ef
77c0e58bd42f70ec82dcbc502a00e4cca6bf4c198c049a2a0181ba6008d14441
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
metamasknev.dedyn.io/meta/enterprise.js.download
194.49.94.116200 OK 614 B URL HTTP/1.1 metamasknev.dedyn.io/meta/enterprise.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (1008), with no line terminators
Hash 533554dfe842696d43cbbe1be26c9d4b
4bc96c1c9afdca5fddb20c7b172a13afa5cb46e4
f480ee9ffad021062c3251c62acf39842c0fa7e71c7dccdd91ee30524fccb84d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/enterprise.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Content-Length: 614
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:40 GMT
ETag: "3f0-5f0bf3157b25a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/js
194.49.94.116200 OK 92 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/js
IP 194.49.94.116:0
File type ASCII text, with very long lines (1815)
Hash fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/js HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Length: 92325
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:46 GMT
ETag: "168a5-5f0bf31b236ba"
Accept-Ranges: bytes
metamasknev.dedyn.io/meta/recaptcha__nl.js.download
194.49.94.116200 OK 138 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/recaptcha__nl.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (820)
Size 138 kB (137504 bytes)
Hash 2128869002ee143c12253efdafd190a4
9781a8b2fa7342367a7ef81a70ad7234ad6505bb
bb787fc0dfa0c02a27b4e75825e9c4e0839637f02fda1b60b645719bbfad663b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:54 GMT
ETag: "56577-5f0bf322880a0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
194.49.94.116200 OK 31 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (65451)
Hash 888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Content-Length: 30910
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:45 GMT
ETag: "15d84-5f0bf319bc09a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/webflow.css
194.49.94.116200 OK 9.3 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/webflow.css
IP 194.49.94.116:0
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash df537de16df2e7abb3a9474300085194
19823a9c07322292173a31cbb15faed3cb97855a
c808edb13043989f1d4f886fa1f0e1a3aaa472f0d8a229f74429b04c13c08813
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/webflow.css HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Dec 2022 18:21:01 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e60d-98c5"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
metamasknev.dedyn.io/meta/metamask-staging-2.webflow.css
194.49.94.116200 OK 18 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/metamask-staging-2.webflow.css
IP 194.49.94.116:0
Hash 402610e387a82f07a01ef9a7d23f5dc6
ab85b73dc73a4bc122171d30f5f089412eca2f90
3e4c00784d295df44cc2f8f2fdba66d2a25666bfef9325cbba650789792448ca
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Dec 2022 18:20:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e602-22b37"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
metamasknev.dedyn.io/meta/v2.js.download
194.49.94.116200 OK 149 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/v2.js.download
IP 194.49.94.116:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 149 kB (148638 bytes)
Hash aabbe994076242a245286bc922bda4e8
d63478266828cbe11bafbf5102dae09818260115
48b39c6f1598c489b94e5d44ddb60514363cd904b3720b6b9730ce276bcf7cba
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/v2.js.download HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:21:00 GMT
ETag: "8d511-5f0bf328a38c9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
metamasknev.dedyn.io/meta/jsonp
194.49.94.116200 OK 278 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/jsonp
IP 194.49.94.116:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 278 kB (278382 bytes)
Hash 7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/jsonp HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:48 GMT
Content-Length: 278382
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:47 GMT
ETag: "43f6e-5f0bf31b8af03"
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Changa+One:400,400italic
142.250.74.106200 OK 301 B URL HTTP/1.1 fonts.googleapis.com/css?family=Changa+One:400,400italic
IP 142.250.74.106:0
Hash 7fb212f619185f162769684274cb1dfe
414b678cfcbcd25c44569e72369a8218bea8756d
d53161ae9523414449dd0f7083f66fda679084bac2cb18a92b884a43616c1fd5
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Wed, 28 Dec 2022 18:34:49 GMT
Date: Wed, 28 Dec 2022 18:34:49 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 28 Dec 2022 18:33:30 GMT
age: 79
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=427375702&t=pageview&_s=1&dl=http%3A%2F%2Fmetamasknev.dedyn.io%2Fsecure.php&ul=en-us&de=UTF-8&dt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAUABEAAAAC~&jid=1675028&gjid=1008585556&cid=503274505.1672252484&tid=UA-37075177-6&_gid=922191192.1672252484&_r=1>m=2ouc10&z=1515484790
142.250.74.110200 OK 1 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=427375702&t=pageview&_s=1&dl=http%3A%2F%2Fmetamasknev.dedyn.io%2Fsecure.php&ul=en-us&de=UTF-8&dt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAUABEAAAAC~&jid=1675028&gjid=1008585556&cid=503274505.1672252484&tid=UA-37075177-6&_gid=922191192.1672252484&_r=1>m=2ouc10&z=1515484790
IP 142.250.74.110:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j96&aip=1&a=427375702&t=pageview&_s=1&dl=http%3A%2F%2Fmetamasknev.dedyn.io%2Fsecure.php&ul=en-us&de=UTF-8&dt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&sd=24-bit&sr=1280x1024&vp=1280x939&je=0&_u=aEBAAUABEAAAAC~&jid=1675028&gjid=1008585556&cid=503274505.1672252484&tid=UA-37075177-6&_gid=922191192.1672252484&_r=1>m=2ouc10&z=1515484790 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://metamasknev.dedyn.io
date: Wed, 28 Dec 2022 18:34:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash b679e7c79765f76fd0c1c33a9233ee85
6542d96f6027699e6e380572c78f6b8dacc80155
3cc09b13f4ed9fc5a713b0f2f1e4b7d00259319c62189b885329afcad5bebf0a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 125553386d49a0b56facb82deab9bd9f
1a7480b79f4aada477fb5919794f6efd6d44921e
6f3f4223d3c994dd4754df67a11298d736e16f888f301ad2838d0b4db1ac01d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1884
Cache-Control: max-age=140602
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Etag: "63ac0727-1d7"
Expires: Fri, 30 Dec 2022 09:38:11 GMT
Last-Modified: Wed, 28 Dec 2022 09:06:47 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
fonts.googleapis.com/icon?family=Material+Icons
142.250.74.106200 OK 812 B URL HTTP/2 fonts.googleapis.com/icon?family=Material+Icons
IP 142.250.74.106:0
Hash e834608e0c65e4415aac44bf07b05752
49f2ae80de52e6ed58dbd6654083ce3057195fc3
1c0c0de5f6c320ca410fa4e1e4be179b595b0c0447fb3138e4f412250794427c
GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Dec 2022 18:34:48 GMT
date: Wed, 28 Dec 2022 18:34:48 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0ec16159a677d3d5e126569e7a8f0b90
db406aaa85383753a4fc45e5ca5b3605c9a8ac3a
aed7a29a058e14b1d03d49752071a4e5f374fb6a04f73c90cfed2cd51db4c384
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 04:31:53 GMT
Expires: Tue, 03 Jan 2023 04:31:52 GMT
Etag: "db406aaa85383753a4fc45e5ca5b3605c9a8ac3a"
Cache-Control: max-age=467222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 780c646aebaeb4f7-OSL
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 0ec16159a677d3d5e126569e7a8f0b90
db406aaa85383753a4fc45e5ca5b3605c9a8ac3a
aed7a29a058e14b1d03d49752071a4e5f374fb6a04f73c90cfed2cd51db4c384
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 27 Dec 2022 04:31:53 GMT
Expires: Tue, 03 Jan 2023 04:31:52 GMT
Etag: "db406aaa85383753a4fc45e5ca5b3605c9a8ac3a"
Cache-Control: max-age=467222,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 780c646aec66b50c-OSL
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227200 OK 8.4 kB URL HTTP/1.1 fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Dec 2022 05:06:39 GMT
Expires: Wed, 27 Dec 2023 05:06:39 GMT
Cache-Control: public, max-age=31536000
Age: 134890
Last-Modified: Thu, 21 Apr 2022 17:15:41 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/1.1 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7900
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Dec 2022 23:10:37 GMT
Expires: Wed, 27 Dec 2023 23:10:37 GMT
Cache-Control: public, max-age=31536000
Age: 69852
Last-Modified: Thu, 21 Apr 2022 17:15:19 GMT
Content-Type: font/woff2
metamasknev.dedyn.io/meta/mm-logo.svg
194.49.94.116200 OK 3.4 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/mm-logo.svg
IP 194.49.94.116:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash fe5cd5ed43a0fad22921e5ccf7f227e1
700b6b72c9bf320bb0412e17de6d7bc0b8d55888
2043092e404254e6b01d4ba210ae0b703c5364d0c7404c5f0dd4853b58bc2872
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/mm-logo.svg HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: image/svg+xml
Last-Modified: Mon, 26 Dec 2022 18:20:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e602-2ef3"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
push.services.mozilla.com/
34.213.140.56101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.213.140.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tFC5U8ZuYDYYkinnFm4HhA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xHQS1Hwp+P0kZ+LGz6O1gfgYR8g=
metamasknev.dedyn.io/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
194.49.94.116200 OK 7.9 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 194.49.94.116:0
File type Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Hash 8c62104f4329ec3e675fbbf952e5760e
d3acaba572770ca428956ec6be406995e6ee9c0c
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/css
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Length: 7924
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:21:03 GMT
ETag: "1ef4-5f0bf32b60bc6"
Accept-Ranges: bytes
metamasknev.dedyn.io/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
194.49.94.116200 OK 8.4 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 194.49.94.116:0
File type Web Open Font Format (Version 2), TrueType, length 8364, version 1.0\012- data
Hash 7d2d5a1272e235228039f306a0a45275
5f33ba8abd5506e1c58c3e6771872eaa712ba19f
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/css
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Length: 8364
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:21:04 GMT
ETag: "20ac-5f0bf32c1e316"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 107c7b24cc9711281977c9e9094da7af
18e6f30a0dbc072380e414236b2a8296e7a7f6f6
c8a97836b9b198c55753dd8e72c0ae03fe473f02f098deb2c4145b677d19be08
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dcffd752df4e792a8c20dfc07f01aa7f
936e935cad0ad73e21b6591e5859f81f1abb6a14
0d243c948b06c392e7538acc7026d1920aba154a9ce3a5e6c19f17701899ebc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5893
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Last-Modified: Wed, 28 Dec 2022 16:56:37 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
metamasknev.dedyn.io/meta/saved_resource.html
194.49.94.116200 OK 10 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/saved_resource.html
IP 194.49.94.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Hash 6ded262520571cac706ff20889e39148
2d3316b6de0e7aab1ebc0b87a002dc378dfb92d7
acf89c9fb739a4433cf24f93aba185801dd45b7a56190e1851bd3a7a844f05c4
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/saved_resource.html HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Dec 2022 18:20:56 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e608-d79f"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
metamasknev.dedyn.io/meta/saved_resource(1).html
194.49.94.116200 OK 152 B URL HTTP/1.1 metamasknev.dedyn.io/meta/saved_resource(1).html
IP 194.49.94.116:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/saved_resource(1).html HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: text/html
Content-Length: 152
Last-Modified: Mon, 26 Dec 2022 18:20:53 GMT
Connection: keep-alive
ETag: "63a9e605-98"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
216.58.207.227200 OK 128 kB URL HTTP/2 fonts.gstatic.com/s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size 128 kB (128352 bytes)
Hash 53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
GET /s/materialicons/v139/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 20:33:17 GMT
expires: Fri, 22 Dec 2023 20:33:17 GMT
cache-control: public, max-age=31536000
age: 511292
last-modified: Thu, 25 Aug 2022 00:26:06 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
metamasknev.dedyn.io/meta/EuclidCircularB-Bold-WebXL.woff2
194.49.94.116200 OK 44 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/EuclidCircularB-Bold-WebXL.woff2
IP 194.49.94.116:0
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Length: 44544
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:41 GMT
ETag: "ae00-5f0bf315b7b20"
Accept-Ranges: bytes
metamasknev.dedyn.io/meta/anchor.html
194.49.94.116200 OK 21 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/anchor.html
IP 194.49.94.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Hash 1637332fad552bd7e6012b16bee6f1b2
6fcc76738c90624cf69dc22c24e1725f158b033e
04a3661e5408084c38e7a1808f4cb39e81147c4e4d460c9eef23aa3f551892c8
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/anchor.html HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Dec 2022 18:20:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e5f6-a489"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
metamasknev.dedyn.io/meta/EuclidCircularB-Regular-WebXL.woff2
194.49.94.116200 OK 45 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/EuclidCircularB-Regular-WebXL.woff2
IP 194.49.94.116:0
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Length: 45196
Connection: keep-alive
Last-Modified: Mon, 26 Dec 2022 18:20:41 GMT
ETag: "b08c-5f0bf3169b3d4"
Accept-Ranges: bytes
metamasknev.dedyn.io/meta/bframe.html
194.49.94.116200 OK 4.0 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/bframe.html
IP 194.49.94.116:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Hash c587ab42a282d6c243ccdf26f3b2b4a5
3017f8da1067dc39bc55d915873c7456e098f7cb
ad6fd7b6842e8492b18042e0da29e7cdcc982c9419c2613a00487804c08ac513
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/bframe.html HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/secure.php
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: text/html
Last-Modified: Mon, 26 Dec 2022 18:20:38 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e5f6-2c58"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5
208.89.12.87200 OK 594 B URL HTTP/2 va.v.liveperson.net/api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5
IP 208.89.12.87:0
Hash 84c395c12872d89ad055e38a6e3df981
405f4c04a463037dc13b00c3f3cc44cca64a6fc5
4bf7e286d28b4db9b896aa0196590e1f90e6b4719a51f14d87e5648fce39c821
GET /api/js/88982875?sid=oH2Qhzs8QzCWPk58eMieCA&cb=lpCb50195x86975&t=ip&ts=1639498872221&pid=8378416840&tid=120975428&vid=E1ZmVlMDY2Mjk2ZDhiZDg5 HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:49 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
metamasknev.dedyn.io/meta/Institutional-Illustration.png
194.49.94.116200 OK 290 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/Institutional-Illustration.png
IP 194.49.94.116:0
File type PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size 290 kB (289564 bytes)
Hash 85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/Institutional-Illustration.png HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: image/png
Content-Length: 289564
Last-Modified: Mon, 26 Dec 2022 18:20:45 GMT
Connection: keep-alive
ETag: "63a9e5fd-46b1c"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9f0c64423efdf932116c803edf02f87c
6c6970f38daaf4966b2813608aa90d1088e481b5
303076a11db49da9585b3bbf87265a91d7534f944e71265f417b9a767e576369
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5899
Cache-Control: max-age=148234
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Etag: "63ac1548-117"
Expires: Fri, 30 Dec 2022 11:45:23 GMT
Last-Modified: Wed, 28 Dec 2022 10:07:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
metamasknev.dedyn.io/meta/styles__ltr.css
194.49.94.116200 OK 24 kB URL HTTP/1.1 metamasknev.dedyn.io/meta/styles__ltr.css
IP 194.49.94.116:0
File type ASCII text, with very long lines (52368), with no line terminators
Hash ebdf18f77541c94124d305c6995475cb
7d3de2b58de6e2aeb9ab5a73254829544e7fe24d
db4b6017d7f9a8c675bfa68021f3eeb0246016de004efc8e28a23b97df0da71e
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/styles__ltr.css HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/anchor.html
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: text/css
Last-Modified: Mon, 26 Dec 2022 18:20:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"63a9e60a-cc90"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 9f0c64423efdf932116c803edf02f87c
6c6970f38daaf4966b2813608aa90d1088e481b5
303076a11db49da9585b3bbf87265a91d7534f944e71265f417b9a767e576369
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5899
Cache-Control: max-age=148234
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Etag: "63ac1548-117"
Expires: Fri, 30 Dec 2022 11:45:23 GMT
Last-Modified: Wed, 28 Dec 2022 10:07:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash dcffd752df4e792a8c20dfc07f01aa7f
936e935cad0ad73e21b6591e5859f81f1abb6a14
0d243c948b06c392e7538acc7026d1920aba154a9ce3a5e6c19f17701899ebc7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5893
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:49 GMT
Last-Modified: Wed, 28 Dec 2022 16:56:37 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 279
metamask.io/images/favicon.png
185.199.109.153404 Not Found 16 kB URL HTTP/2 metamask.io/images/favicon.png
IP 185.199.109.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Hash f00fb3a5a36d4f0f285f4196adb31f6b
9c864368e8930b1d2cc0fa430b91f76ece1a2f28
436d84891a04cd0ea5221b658ed40663ffcc2b3b6a9d84643c395e446656b4f7
GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"63a50f2d-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: E74A:D92A:259F6D7:2734193:63AC8891
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:34:49 GMT
via: 1.1 varnish
age: 952
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1672252490.949816,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 3b5f02ee26ce84efb569710e7d6a1dd3ce5a8cfd
content-length: 15764
X-Firefox-Spdy: h2
metamask.io/images/webclip.png
185.199.109.153404 Not Found 16 kB URL HTTP/2 metamask.io/images/webclip.png
IP 185.199.109.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Hash f00fb3a5a36d4f0f285f4196adb31f6b
9c864368e8930b1d2cc0fa430b91f76ece1a2f28
436d84891a04cd0ea5221b658ed40663ffcc2b3b6a9d84643c395e446656b4f7
GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"63a50f2d-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: A5B2:D92A:259F6D7:2734194:63AC8891
accept-ranges: bytes
date: Wed, 28 Dec 2022 18:34:49 GMT
via: 1.1 varnish
age: 952
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1672252490.957155,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 634211b5703eefa90f345c34e8d69770c4e0783e
content-length: 15764
X-Firefox-Spdy: h2
metamasknev.dedyn.io/meta/saved_resource(2).html
194.49.94.116200 OK 152 B URL HTTP/1.1 metamasknev.dedyn.io/meta/saved_resource(2).html
IP 194.49.94.116:0
File type HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /meta/saved_resource(2).html HTTP/1.1
Host: metamasknev.dedyn.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/meta/anchor.html
Cookie: _ga=GA1.3.503274505.1672252484; _gid=GA1.3.922191192.1672252484; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 28 Dec 2022 18:34:49 GMT
Content-Type: text/html
Content-Length: 152
Last-Modified: Mon, 26 Dec 2022 18:20:54 GMT
Connection: keep-alive
ETag: "63a9e606-98"
Expires: Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control: max-age=315360000
Accept-Ranges: bytes
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15552
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Dec 2022 20:25:37 GMT
Expires: Wed, 27 Dec 2023 20:25:37 GMT
Cache-Control: public, max-age=31536000
Age: 79753
Last-Modified: Mon, 16 Oct 2017 17:33:02 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL HTTP/1.1 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 15344
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 23 Dec 2022 13:37:04 GMT
Expires: Sat, 23 Dec 2023 13:37:04 GMT
Cache-Control: public, max-age=31536000
Age: 449866
Last-Modified: Mon, 16 Oct 2017 17:32:55 GMT
Content-Type: font/woff2
www.gstatic.com/recaptcha/api2/info_2x.png
216.58.211.3200 OK 665 B URL HTTP/2 www.gstatic.com/recaptcha/api2/info_2x.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 08:12:18 GMT
expires: Thu, 29 Dec 2022 08:12:18 GMT
cache-control: public, max-age=604800
age: 555752
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/audio_2x.png
216.58.211.3200 OK 530 B URL HTTP/2 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Dec 2022 15:42:32 GMT
expires: Tue, 03 Jan 2023 15:42:32 GMT
cache-control: public, max-age=604800
age: 96738
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/refresh_2x.png
216.58.211.3200 OK 600 B URL HTTP/2 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 216.58.211.3:0
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Dec 2022 06:57:23 GMT
expires: Sat, 31 Dec 2022 06:57:23 GMT
cache-control: public, max-age=604800
age: 387447
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.hsforms.net/forms/v2.js
104.17.182.73200 OK 161 kB URL HTTP/2 js.hsforms.net/forms/v2.js
IP 104.17.182.73:0
File type Unicode text, UTF-8 text, with very long lines (60882), with no line terminators
Size 161 kB (160842 bytes)
Hash 511af39743b3a866d34a6af98366bbda
66f94d49d0a3e856a1dfc8ee9974a129ea2d6d24
4a427318bb1d292a0e7fb953f6d2d19db606c42b296d1af616c52534bcb12e83
GET /forms/v2.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:49 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 21 Dec 2022 10:06:54 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: uQ0RLN1jqr8UmbEUY0caJ.pZg.jtD3ww
etag: W/"53c7729f9a5c32a04b6d48dd118565af"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 bae9b5cf91e37b01cfae8886aa7bf606.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD55-P4
x-amz-cf-id: i7FEOGx4pReDVlqCFIIHzZ2Z_wYwr3Q5zXWnWpFouj9qhJ-JLD37bQ==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2513/bundles/project-v2.js&cfRay=77d7b33cbfaeabd4-IAD
x-hs-target-asset: forms-embed/static-1.2513/bundles/project-v2.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 159
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7N8v1Y9uHYOj1IbIIODkv5K97H15pQnwCsCnboNLq%2FgnX2h%2FX6xBMRDUtwc9LGnNFHXmiSNlqmM%2FjSTalyoP3jy0uqgaKAXgagU08TOqzuSyuPu6WKnM7ZPAivdlaHoK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 780c646d88261bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 52ca073ad56859a4aa27c7711a0280e0
0f9481ab1d4503f6768b94aca521a8e6a1cacc16
3be123f7c76a1cb88f5f06d8359ee810eb5aa11540c89bc747318101e3585145
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
216.58.211.4200 OK 611 B URL HTTP/2 www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP 216.58.211.4:0
File type ASCII text, with very long lines (1008), with no line terminators
Hash f83f3c33f8ef2fd235bb823c284b8ea9
da7b9f849a8b6ff52643f7b19cbd83b7bd121f95
923c80a366a4b706e88e039641d959cde663c0e9b5d8f43cc91d0cce0da8498b
GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Wed, 28 Dec 2022 18:34:50 GMT
date: Wed, 28 Dec 2022 18:34:50 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 611
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0ae0707aeabde36523941c20a68b5254
f882332bd8b3c0147af8ca8788be4a290d155766
537eefee073333371ff318be540498d3923603b79e282d6dd706cea5670caa8c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Dec 2022 18:34:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 64a40705c1e028338744d7a85baf6788
2dc6badc2ae148e7c42dc02baeab761366a709bc
aaa48edf1c0089603fa9ef07698c8bee3609bc72fd2566cd89ba4ebbe89de0ef
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 03:43:26 GMT
Expires: Wed, 04 Jan 2023 03:43:25 GMT
Etag: "2dc6badc2ae148e7c42dc02baeab761366a709bc"
Cache-Control: max-age=550714,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 780c646e7833b4f7-OSL
lptag.liveperson.net/tag/tag.js?site=88982875
178.249.101.23200 OK 7.6 kB URL HTTP/2 lptag.liveperson.net/tag/tag.js?site=88982875
IP 178.249.101.23:0
File type ASCII text, with very long lines (21652), with no line terminators
Hash 6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd
GET /tag/tag.js?site=88982875 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:50 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 64a40705c1e028338744d7a85baf6788
2dc6badc2ae148e7c42dc02baeab761366a709bc
aaa48edf1c0089603fa9ef07698c8bee3609bc72fd2566cd89ba4ebbe89de0ef
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Dec 2022 18:34:50 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 28 Dec 2022 03:43:26 GMT
Expires: Wed, 04 Jan 2023 03:43:25 GMT
Etag: "2dc6badc2ae148e7c42dc02baeab761366a709bc"
Cache-Control: max-age=550714,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 780c646e7e030b45-OSL
www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
216.58.211.3200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js
IP 216.58.211.3:0
File type ASCII text, with very long lines (658)
Size 165 kB (164706 bytes)
Hash 0b7fccb24ee065a01fdde10928c03c3f
9b198014f81844820588c202cc24bf5e03bf3dd7
68756de8f0d6742525ddaca56ab350e34d822777e86939fea27eb704ae013280
GET /recaptcha/releases/5qcenVbrhOy8zihcc2aHOWD4/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamasknev.dedyn.io
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164706
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 23 Dec 2022 08:42:55 GMT
expires: Sat, 23 Dec 2023 08:42:55 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 15 Dec 2022 05:24:10 GMT
content-type: text/javascript
age: 467515
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3527
Expires: Wed, 28 Dec 2022 19:33:37 GMT
Date: Wed, 28 Dec 2022 18:34:50 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 563a71326245b9544f7051f983f4d897
7293247391520689fb7aeac14ee6c984d82d7de3
17c444592282f17c3eb8a0d8e10ae9b3be096d621bdf2bbd8e12faf13ff4999c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "17C444592282F17C3EB8A0D8E10AE9B3BE096D621BDF2BBD8E12FAF13FF4999C"
Last-Modified: Tue, 27 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3527
Expires: Wed, 28 Dec 2022 19:33:37 GMT
Date: Wed, 28 Dec 2022 18:34:50 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8978692-1057-4721-b58a-03675b009dec.webp
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8978692-1057-4721-b58a-03675b009dec.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003be820cd1d0f0365928cab98019457
e2a5c2764e4850aa95594c8b303aa4963d33954b
098fd59f48bb33d33764f64eb15d14840467d84544c34f35a6f86bb893be516d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8978692-1057-4721-b58a-03675b009dec.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5880
x-amzn-requestid: e87391e7-c302-42a9-9cdf-0ca5a264c973
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z-4GrNoAMFYyw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c5-6b7d0f3044ed76e91a8815d7;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QB3LsKzG9hiMrLwemezbf85srVaq07WnkcbHbOpjmO-chWigBRXwxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:29 GMT
etag: "e2a5c2764e4850aa95594c8b303aa4963d33954b"
content-type: image/jpeg
age: 75142
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45fd5586-9fcc-4409-88f6-52a554307609.jpeg
34.120.237.76200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45fd5586-9fcc-4409-88f6-52a554307609.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a022f080982dddeaf2decce39bf2f1f7
dd9cb19eb6008d3558f60332bc16c83108474f66
fe2c473fa2e8bb50ead0a1faef96024d711c765330b887e72f53219e96adaf20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F45fd5586-9fcc-4409-88f6-52a554307609.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5888
x-amzn-requestid: c2212a71-2743-49ed-80fe-5319f266932a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0y_0FUgoAMF1dA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab6531-05343b8c4c574b530118c293;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7a0bEDDA67CyAKgVKUqz38Elve3uoZ392Ql0t0NVsypOXBc-zgjJNw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:28 GMT
etag: "dd9cb19eb6008d3558f60332bc16c83108474f66"
content-type: image/jpeg
age: 75143
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8ab36b0d168174ef2d960be9810fdb2d
7c8a7415cab3ef88b5d1204af214a687b1676dda
a1d842fd02273603db0090d34c317d7a3ce3e5f00f29271d45fc4ed6d09ee21e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F346e7d95-abf9-4783-baa6-85137bb9cc29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7817
x-amzn-requestid: 21a68509-6fec-48b3-8bce-fb2ebfab3289
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0yuCEVwIAMFUrQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab64c0-5e23ceec731631d93e01e2c8;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:33:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1F1os87usGl0yMWsHxFZsVnrbmjJKydPf4ZXL4xsXjHau3fAS9Nf1Q==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:44:42 GMT
age: 75009
etag: "7c8a7415cab3ef88b5d1204af214a687b1676dda"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b373925ce249ca67e6984c436f5cd2b8
ddbc25025b933587990f8e9c32e91c9773256840
7d3c992b715283efeba9bee2e5c08042267017e76074ca6aad870e1dd45b4564
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d43b473-21c7-4775-9398-1bdecb4d7d28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9007
x-amzn-requestid: 15b3b2e5-d493-4b54-aab4-7374bf892e83
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: drrFbESxIAMFikw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a7beef-37f4ab8e7738b186705bb1db;Sampled=0
x-amzn-remapped-date: Sun, 25 Dec 2022 03:09:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Swp663gmExgpgDT8bZUFNOpLEJHZDQWrEeasO7jgP5GClXzyJUTWgw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Dec 2022 03:27:43 GMT
age: 54428
etag: "ddbc25025b933587990f8e9c32e91c9773256840"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae5da67479fa2f3afda50a7566b5e46e
d71de1881ea09f0aed36703f95635cc0cd552429
a67eca901c4f8436074f48a594cd9942742430c8776745152baf3f858a9c3407
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7efeb4a1-9d83-4fe3-bd8d-999279ed4dcd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4443
x-amzn-requestid: 6ca832c3-dcdc-4fc3-bb60-6868d09f824b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0y_zFEOoAMF9KQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab6531-0a9be43a500ea8b41200cc43;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:35:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Qy-hxddkp68OmfI4OKNvNu8mRO8re9SQNxsxuPcPyP7-tqIEdl7pug==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:19 GMT
age: 75152
etag: "d71de1881ea09f0aed36703f95635cc0cd552429"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg
34.120.237.76200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg
IP 34.120.237.76:0
Hash cbad495b4562276874a960c338e2524c
4c2431aacc01aad9a89a7d1afacafae2f6bc4565
ee797c8fc1797bab302cf9b894c70e94b8b51e30aad9147391f76fdc888a945e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac8e7926-34e8-4a65-ba5a-894c252c5826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9103
x-amzn-requestid: d35b52dd-fc72-47ca-8232-00e48cd6d209
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: d0z_EEruIAMFlQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ab66c6-574a052f67683ba238966de5;Sampled=0
x-amzn-remapped-date: Tue, 27 Dec 2022 21:42:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ohxADRAP902PofikgbhHb6N0yLainQlafqatm4eBQ1u5DHGr1r15Fg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Dec 2022 21:42:30 GMT
etag: "92bc9a2cc454608eae4e310456f2ec180d4ccdca"
content-type: image/jpeg
age: 75141
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb26288x25747
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb26288x25747
IP 178.249.101.99:0
GET /api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb26288x25747 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:50 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:d88a7bd2-3ef9-432b-b7cb-ad66ea2693dd; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:20 GMT; Path=/
ADRUM_BTa=R:28|g:d88a7bd2-3ef9-432b-b7cb-ad66ea2693dd|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:20 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:20 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:20 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:9; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:20 GMT; Path=/
cache-control: no-store
x-envoy-upstream-service-time: 290
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/88982875?&cb=lpCb66921x79494&t=sp&ts=1672252486726&pid=9698534732&tid=9120709893&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=http%3A%2F%2Fmetamasknev.dedyn.io%2Fsecure.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/88982875?&cb=lpCb66921x79494&t=sp&ts=1672252486726&pid=9698534732&tid=9120709893&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=http%3A%2F%2Fmetamasknev.dedyn.io%2Fsecure.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/88982875?&cb=lpCb66921x79494&t=sp&ts=1672252486726&pid=9698534732&tid=9120709893&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=http%3A%2F%2Fmetamasknev.dedyn.io%2Fsecure.php&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:51 GMT
content-type: application/javascript
set-cookie: LPVisitorID=E1NmQ0N2FmZjBjODg4ZTNi; Expires=Thu, 28-Dec-2023 18:34:51 GMT; Path=/; HttpOnly
LPSessionID=AVYb7LOHRjSWbkTLzmQioQ; Path=/api/js/88982875; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb7904x72150
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb7904x72150
IP 178.249.101.99:0
GET /api/account/88982875/configuration/setting/accountproperties/?cb=lpCb7904x72150 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:49 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:cbec772b-e4b5-437b-9a28-61cbf07b54b8; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
ADRUM_BTa=R:28|g:cbec772b-e4b5-437b-9a28-61cbf07b54b8|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:10; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
vary: Accept
expires: Wed, 28 Dec 2022 18:35:49 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:49 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:0d0631da-9e91-473a-9b93-5816e4d8df9a; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
ADRUM_BTa=R:28|g:0d0631da-9e91-473a-9b93-5816e4d8df9a|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:8; Max-Age=30; Expires=Wed, 28-Dec-2022 18:35:19 GMT; Path=/
vary: Accept
expires: Wed, 28 Dec 2022 18:35:49 GMT
x-envoy-upstream-service-time: 0
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=http%3A%2F%2Fmetamasknev.dedyn.io&site=88982875&env=prod&isCrossDomain=true
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=http%3A%2F%2Fmetamasknev.dedyn.io&site=88982875&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=http%3A%2F%2Fmetamasknev.dedyn.io&site=88982875&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:50 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 28 Dec 2023 18:34:50 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
104.16.85.5200 OK 0 B URL HTTP/2 forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP 104.16.85.5:0
GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:49 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B03BB4A01CF34E5CAFB2AB37CDCEBBFAFF14B98C5000000000000000000
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: c23309f7-4e51-48f9-bdbe-7b66e9da42e9
content-disposition: attachment; filename=no-rfd.txt
x-content-type-options: nosniff
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 780c646d0e7afab8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=http%3A%2F%2Fmetamasknev.dedyn.io&site=88982875&force=1&env=prod&isCrossDomain=true
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=http%3A%2F%2Fmetamasknev.dedyn.io&site=88982875&force=1&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=http%3A%2F%2Fmetamasknev.dedyn.io&site=88982875&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasknev.dedyn.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Dec 2022 18:34:50 GMT
content-type: application/javascript
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Thu, 28 Dec 2023 18:34:50 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2