urlscan.io public scan of web-metamesklogin.uteach.io (34.236.72.19), flagged: Malicious Activity!

URL: https://web-metamesklogin.uteach.io/overdue
Submission: On March 27 via automatic, source openphish — Scanned from DE

Summary

This website contacted 4 IPs in 3 countries across 4 domains to perform 18 HTTP transactions. The main IP is 34.236.72.19, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is web-metamesklogin.uteach.io.
TLS certificate: Issued by R3 (the Let's Encrypt intermediate) on February 5th 2024. Valid for: 3 months.
This is the only time web-metamesklogin.uteach.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
5         34.236.72.19       14618 (AMAZON-AES)
1         162.19.58.160      16276 (OVH)
11        2600:9000:235...   16509 (AMAZON-02)
1         2a00:1450:400...   15169 (GOOGLE)
Total: 18 requests across 4 IPs
Requests  Apex Domain      Subdomain                                          Transfer
11        cloudfront.net   d35v9chtr4gec.cloudfront.net                       325 KB
5         uteach.io        web-metamesklogin.uteach.io                        71 KB
1         googleapis.com   fonts.googleapis.com (Cisco Umbrella Rank: 112)    1002 B
1         ibb.co           i.ibb.co (Cisco Umbrella Rank: 10549)              186 KB
Total: 18 requests across 4 apex domains
Requests  Domain                          Requested by
11        d35v9chtr4gec.cloudfront.net    web-metamesklogin.uteach.io
5         web-metamesklogin.uteach.io     web-metamesklogin.uteach.io
1         fonts.googleapis.com            web-metamesklogin.uteach.io
1         i.ibb.co                        web-metamesklogin.uteach.io
Total: 18 requests across 4 domains

This site contains links to these domains:

gtly.to
Subject                   Issuer                Validity                   Valid for
uteach.io                 R3                    2024-02-05 - 2024-05-05    3 months (crt.sh)
ibb.co                    R3                    2024-02-07 - 2024-05-07    3 months (crt.sh)
*.cloudfront.net          Amazon RSA 2048 M01   2023-10-10 - 2024-09-19    a year (crt.sh)
upload.video.google.com   GTS CA 1C3            2024-02-26 - 2024-05-20    3 months (crt.sh)

The last row is the shared Google certificate presented by fonts.googleapis.com, the only Google host contacted in this scan.

This page contains 1 frame:

Primary Page: https://web-metamesklogin.uteach.io/overdue
Frame ID: FFA7E56A80DFBE22CC9759F0A62C4FD5
Requests: 18 HTTP requests in this frame

Detected technologies

Slick (jQuery carousel), overall confidence 100%, matched by the script pattern below against web-metamesklogin.uteach.io/js/slick.js:
  • (?:/([\d.]+))?/slick(?:\.min)?\.js

Page Statistics

Requests     18
HTTPS        100 %
IPv6         50 %
Domains      4
Subdomains   4
IPs          4
Countries    3
Transfer     583 kB
Size         1067 kB
Cookies      3

Redirected requests

None: no HTTP redirect chains were recorded for this scan.

18 HTTP transactions

Columns for each entry below: Resource / Path / Size / x-fer (bytes transferred) / Type (MIME-Type), followed by the General, Request headers and Response headers detail.

Primary Request: overdue
web-metamesklogin.uteach.io/
17 KB
6 KB
Document
General
Full URL
https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
34.236.72.19 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-236-72-19.compute-1.amazonaws.com
Software
/
Resource Hash
cae14aadcc5bb58e798636dc093b8d1caad9d4aa054c65b2fcadb0de4c22db01
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' http://webvisor.com https://webvisor.com metrika.yandex.ru
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
access-control-expose-headers
*
cache-control
no-cache, private
content-encoding
gzip
content-security-policy
frame-ancestors 'self' http://webvisor.com https://webvisor.com metrika.yandex.ru
content-type
text/html; charset=UTF-8
date
Wed, 27 Mar 2024 01:03:43 GMT
strict-transport-security
max-age=15724800; includeSubDomains
vary
Accept-Encoding
x-ratelimit-limit
130
x-ratelimit-remaining
129
app.css
web-metamesklogin.uteach.io/css/templates/v2/basic/
301 KB
51 KB
Stylesheet
General
Full URL
https://web-metamesklogin.uteach.io/css/templates/v2/basic/app.css
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
34.236.72.19 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-236-72-19.compute-1.amazonaws.com
Software
/
Resource Hash
75af3881dc346e551833205007a57aded7888ac3a8adb8dbf593bf2a3af43cfa
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/overdue
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 01:03:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 23 Mar 2024 13:11:21 GMT
etag
W/"65fed4f9-4b4f2"
vary
Accept-Encoding
content-type
text/css
metamask-login-1.jpg
i.ibb.co/JBy1vG0/
186 KB
186 KB
Image
General
Full URL
https://i.ibb.co/JBy1vG0/metamask-login-1.jpg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
162.19.58.160 France, ASN16276 (OVH, FR)
Reverse DNS
ns3096649.ip-162-19-58.eu
Software
nginx /
Resource Hash
f76754bdc2c4cfd21f339337e3a167501797f7ca10ce7b954fcf63c5699e1bda

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 01:03:43 GMT
last-modified
Thu, 16 Jun 2022 04:26:26 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
189995
expires
Thu, 31 Dec 2037 23:55:55 GMT
uteach.svg
d35v9chtr4gec.cloudfront.net/uteach/assets/
3 KB
1 KB
Image
General
Full URL
https://d35v9chtr4gec.cloudfront.net/uteach/assets/uteach.svg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f817af4c1a6cd30996820a0279a19a4e7f41d1c20a8640f73b25bdb2c79d331

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kv7RgcL6RuUhDxe2ufDDNu8bJbQzqf1J
content-encoding
gzip
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 10:09:33 GMT
last-modified
Mon, 29 Nov 2021 10:43:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
53651
etag
W/"289529681fdf10f8194b7269fc3f3c47"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2678400
x-amz-cf-id
PTAMiCsA0GcyjbsGjOReEOqSujt_q3AnDHDBFn_POWTkzioh8KyaEA==
overdue-bg.jpg
d35v9chtr4gec.cloudfront.net/uteach/assets/
207 KB
207 KB
Image
General
Full URL
https://d35v9chtr4gec.cloudfront.net/uteach/assets/overdue-bg.jpg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
f20d8930983ae11138706f7670513f226311f26094438bf9ece9f1b2bb2f79bb

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 11:53:07 GMT
x-amz-version-id
OAewzPkBzrs9FSdvpYZEkenGG.s5KrQh
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 10:47:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
47437
etag
"298eba51db36da4f50c7e62b1bb4d6b2"
vary
Origin
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
content-length
211758
x-amz-cf-id
60UF2eFWywTs6LjJm-o_N989Z0-Qu7BlKKYJv8kOVu5lSZNZQdoUJg==
eye.svg
d35v9chtr4gec.cloudfront.net/uteach/assets/
864 B
1 KB
Image
General
Full URL
https://d35v9chtr4gec.cloudfront.net/uteach/assets/eye.svg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
630c9f0f2218979da16a20f8dea53e4f8248ac02d5b83585467ac37ecbc14c40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BSCfhzzPuIlFfHWjcf.sAjSYqCkC8pvb
date
Tue, 26 Mar 2024 05:29:21 GMT
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 10:50:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
70685
etag
"fb5682d8c14107438db6cbab3dbbb350"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2678400
accept-ranges
bytes
content-length
864
x-amz-cf-id
q_1VW9PtduyB_UM9dQwrAqCHVvwu4Z8bCJYKZCZGNacd_qIfsyRc5Q==
invisible.svg
d35v9chtr4gec.cloudfront.net/uteach/assets/
1 KB
1 KB
Image
General
Full URL
https://d35v9chtr4gec.cloudfront.net/uteach/assets/invisible.svg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1714f6d588210e5e05f7e26e5d9c37f10241bf9b009b271737f283418ad1d05

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uqK6VXPmbacvHife4aQ5vEQVJVusBFUC
content-encoding
gzip
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 04:31:43 GMT
last-modified
Mon, 29 Nov 2021 10:48:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
73921
etag
W/"f889e4d8c73813afcc1c7ebcdb77896f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2678400
x-amz-cf-id
B1E84AC-GQNJU-62XlLDiX0CIBFb28Hx4ABf_Wo-qGAveJQOLFX3Cg==
navigation.css
web-metamesklogin.uteach.io/css/
10 KB
3 KB
Stylesheet
General
Full URL
https://web-metamesklogin.uteach.io/css/navigation.css?id=95b4ee81e406059e4286aee0dc10b718
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
34.236.72.19 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-236-72-19.compute-1.amazonaws.com
Software
/
Resource Hash
d962150bc1da66ec38371484a32bb1cd862dc3083905cfdd3b1b18ba044a4e97
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/overdue
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 01:03:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 26 Mar 2024 11:52:24 GMT
etag
W/"6602b6f8-26b0"
vary
Accept-Encoding
content-type
text/css
tenant-site.js
d35v9chtr4gec.cloudfront.net/s3-assets/475/js/
268 KB
84 KB
Script
General
Full URL
https://d35v9chtr4gec.cloudfront.net/s3-assets/475/js/tenant-site.js
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba17a60ebf64319aa2bdd0b1ffc40965fea97997eb581f6baf769cf98db7d71b

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
lCeeFaF85P_q7BMMLcY.Nde8DtNZQVQT
content-encoding
br
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 13:16:06 GMT
last-modified
Sat, 23 Mar 2024 13:08:52 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
42523
x-amz-server-side-encryption
AES256
etag
W/"889e7258553ebf6d78f066a971c7844c"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
text/plain
cache-control
max-age=2678400
x-amz-cf-id
p4MTcUuHSDdlP-MgHdQQh1W_L69pHIyz0sOnyK9gyjXPE47aFgXPIA==
slick.js
web-metamesklogin.uteach.io/js/
42 KB
10 KB
Script
General
Full URL
https://web-metamesklogin.uteach.io/js/slick.js
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
34.236.72.19 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-236-72-19.compute-1.amazonaws.com
Software
/
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/overdue
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 01:03:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Sat, 23 Mar 2024 13:11:21 GMT
etag
W/"65fed4f9-a76f"
vary
Accept-Encoding
content-type
application/javascript
tenant-global.js
web-metamesklogin.uteach.io/js/
842 B
514 B
Script
General
Full URL
https://web-metamesklogin.uteach.io/js/tenant-global.js
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
34.236.72.19 Ashburn, United States, ASN14618 (AMAZON-AES, US)
Reverse DNS
ec2-34-236-72-19.compute-1.amazonaws.com
Software
/
Resource Hash
4390b55ee38defe0310cef3f53cf3a10f04b07b36fc823feb83b103c12de8240
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/overdue
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 27 Mar 2024 01:03:43 GMT
content-encoding
gzip
strict-transport-security
max-age=15724800; includeSubDomains
last-modified
Tue, 26 Mar 2024 11:52:24 GMT
etag
W/"6602b6f8-34a"
vary
Accept-Encoding
content-type
application/javascript
css
fonts.googleapis.com/
2 KB
1002 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:500
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/css/templates/v2/basic/app.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
d8d622af7c58a31a2672b8661a1634e58cc38eac1677ccc44632203dd7dcab94
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 27 Mar 2024 01:03:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 26 Mar 2024 23:16:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 27 Mar 2024 01:03:44 GMT
eye.svg
d35v9chtr4gec.cloudfront.net/uteach/assets/
864 B
1 KB
Image
General
Full URL
https://d35v9chtr4gec.cloudfront.net/uteach/assets/eye.svg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
630c9f0f2218979da16a20f8dea53e4f8248ac02d5b83585467ac37ecbc14c40

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
BSCfhzzPuIlFfHWjcf.sAjSYqCkC8pvb
date
Tue, 26 Mar 2024 05:29:21 GMT
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
last-modified
Mon, 29 Nov 2021 10:50:38 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
70686
etag
"fb5682d8c14107438db6cbab3dbbb350"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2678400
accept-ranges
bytes
content-length
864
x-amz-cf-id
5u9HR8KmRHOd3mul4mP8-55BXuGCveczJcKTzwGWl6Ug436Qa130WQ==
invisible.svg
d35v9chtr4gec.cloudfront.net/uteach/assets/
1 KB
1 KB
Image
General
Full URL
https://d35v9chtr4gec.cloudfront.net/uteach/assets/invisible.svg
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/overdue
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1714f6d588210e5e05f7e26e5d9c37f10241bf9b009b271737f283418ad1d05

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uqK6VXPmbacvHife4aQ5vEQVJVusBFUC
content-encoding
gzip
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
date
Tue, 26 Mar 2024 04:31:43 GMT
last-modified
Mon, 29 Nov 2021 10:48:17 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P10
age
73922
etag
W/"f889e4d8c73813afcc1c7ebcdb77896f"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
image/svg+xml
cache-control
max-age=2678400
x-amz-cf-id
VL2TI0bOMtTgVIBAMAT5gZqZiRkCvPU6UBaVoyFfBaJi_7mhdQtlJg==
poppins-v20-latin-500.woff2
d35v9chtr4gec.cloudfront.net/fonts/tenants/
8 KB
8 KB
Font
General
Full URL
https://d35v9chtr4gec.cloudfront.net/fonts/tenants/poppins-v20-latin-500.woff2
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/css/templates/v2/basic/app.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
Origin
https://web-metamesklogin.uteach.io
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
kwnIkGnldsVCD8b9a.RutjjdYQB1OoBk
date
Tue, 26 Mar 2024 13:33:37 GMT
via
1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
41408
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7748
last-modified
Wed, 07 Jun 2023 07:33:17 GMT
server
AmazonS3
etag
"a09f2fccfee35b7247b08a1a266f0328"
vary
Accept-Encoding
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-amz-cf-id
AEI8YdCTY1xA2FaQjJgkP9sllA5_vRDt1X_wFMkn0_chnvfpCgkc5g==
poppins-v20-latin-700.woff2
d35v9chtr4gec.cloudfront.net/fonts/tenants/
8 KB
8 KB
Font
General
Full URL
https://d35v9chtr4gec.cloudfront.net/fonts/tenants/poppins-v20-latin-700.woff2
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/css/templates/v2/basic/app.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
Origin
https://web-metamesklogin.uteach.io
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
_jDwgmKhgRIPnviGZPEMpzi_0O4E.WO3
date
Tue, 26 Mar 2024 13:55:50 GMT
via
1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
41079
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7816
last-modified
Wed, 07 Jun 2023 07:33:19 GMT
server
AmazonS3
etag
"25b0e113ca7cce3770d542736db26368"
vary
Accept-Encoding
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-amz-cf-id
DyNnNYg9XvLjhfDVatOGE3vNH7iWVZflz-5_qe7oNB73ZVtrflXEwA==
poppins-v20-latin-regular.woff2
d35v9chtr4gec.cloudfront.net/fonts/tenants/
8 KB
8 KB
Font
General
Full URL
https://d35v9chtr4gec.cloudfront.net/fonts/tenants/poppins-v20-latin-regular.woff2
Requested by
Host: web-metamesklogin.uteach.io
URL: https://web-metamesklogin.uteach.io/css/templates/v2/basic/app.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
Origin
https://web-metamesklogin.uteach.io
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
jl8SMd1FJ.9mpgcmcvbRivNR4uFMGSHz
date
Tue, 26 Mar 2024 11:53:06 GMT
via
1.1 bf5a173128ca82b73dcca1031d4b3d94.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
47809
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
7884
last-modified
Wed, 07 Jun 2023 07:33:19 GMT
server
AmazonS3
etag
"9212f6f9860f9fc6c69b02fedf6db8c3"
vary
Accept-Encoding
content-type
binary/octet-stream
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-amz-cf-id
JlxMudRVcWCYLdiKShC-169M4bJI4_Mi0HcWw7smbfDZmn6p_yvOww==
metamask-logi.png
d35v9chtr4gec.cloudfront.net/henrysmith-eyrmgg/settings/nZUydugM9dAhJ8xJL805-1709697104/
3 KB
3 KB
Other
General
Full URL
https://d35v9chtr4gec.cloudfront.net/henrysmith-eyrmgg/settings/nZUydugM9dAhJ8xJL805-1709697104/metamask-logi.png
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2600:9000:2359:4200:7:2f2:c100:21 United States, ASN16509 (AMAZON-02, US)
Reverse DNS
Software
AmazonS3 /
Resource Hash
b1dc865607368ab18df0cf40e8da27e234ceed9b159a12eadc4d611077162d19

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://web-metamesklogin.uteach.io/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 26 Mar 2024 10:52:48 GMT
x-amz-version-id
mJarZ.9ngKHFbFHgQqOXqS2iCaByAqkQ
via
1.1 38f2daae6c849ed5f695333a9d4104ae.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P10
age
51057
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2925
last-modified
Wed, 06 Mar 2024 03:51:45 GMT
server
AmazonS3
etag
"2b5767671f5a4f930576158f347e57d6"
vary
Origin
content-type
image/png
cache-control
max-age=2678400
accept-ranges
bytes
x-amz-cf-id
ckGcrRTULkujRINY78gr83huHAXoDX_v42RIvz9jpWlv2ZsZjDdtDw==

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)
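The brand verdict above rests on the hostname label "web-metamesklogin" being one edit away from "metamask" next to the lure word "login". The following is an added example of how that check can be automated for triage; it is not code from urlscan.io or from the site, and the brand list, lure-word list and allowlist of legitimate apex domains in it are assumptions chosen for illustration.

```python
"""Brand-lookalike check for hostnames seen in phishing triage.

Added example for this report, not code from urlscan.io or from the site.
BRANDS, LURE_WORDS and the legitimate-apex allowlist are assumed values; a
real deployment loads them from configuration and uses the Public Suffix
List for the apex computation instead of the two-label approximation here.
"""
import re

# Protected brand names and the apex domains that may legitimately carry them
# (assumed values for this example).
BRANDS = {
    "metamask": {"metamask.io"},
    "coinbase": {"coinbase.com"},
}
# Words that, next to a brand token, signal a credential lure.
LURE_WORDS = ("login", "signin", "verify", "wallet", "secure", "support")


def levenshtein(a, b):
    """Edit distance with unit cost for insert, delete and substitute."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def apex_of(host):
    """Registrable domain approximated as the last two labels.
    Adequate for .io/.net/.com; use the Public Suffix List for .co.uk etc."""
    return ".".join(host.split(".")[-2:])


def brand_hits(host, max_distance=1):
    """Return one hit per (label, brand) where some alphanumeric token of the
    label contains a window within `max_distance` edits of the brand name.

    Hosts whose apex is on the brand's own allowlist are skipped, so
    metamask.io and its subdomains never trip the metamask rule."""
    host = host.lower().rstrip(".")
    apex = apex_of(host)
    hits = []
    for label in host.split("."):
        # "web-metamesklogin" -> ["web", "metamesklogin"]
        for token in re.split(r"[^a-z0-9]+", label):
            for brand, legit_apexes in BRANDS.items():
                if apex in legit_apexes:
                    continue
                best = None  # (distance, matched window)
                n = len(brand)
                # Slide windows one shorter, equal and one longer than the brand
                # so a single insertion or deletion still lines up with it.
                for width in (n - 1, n, n + 1):
                    for start in range(max(1, len(token) - width + 1)):
                        window = token[start:start + width]
                        if not window:
                            continue
                        d = levenshtein(window, brand)
                        if d <= max_distance and (best is None or d < best[0]):
                            best = (d, window)
                if best is not None:
                    hits.append({
                        "label": label,
                        "brand": brand,
                        "matched": best[1],
                        "distance": best[0],
                        "lure_words": [w for w in LURE_WORDS if w in label],
                    })
    return hits


def suspicious(host):
    """Triage verdict: any near-brand token outside the brand's own domains."""
    return bool(brand_hits(host))


if __name__ == "__main__":
    # The hostname from this report plus constructed controls.
    for h in ("web-metamesklogin.uteach.io", "portfolio.metamask.io",
              "d35v9chtr4gec.cloudfront.net", "coinbase-verify.example.net"):
        print(h, brand_hits(h))
```

Running it on the scanned hostname yields a single hit: label "web-metamesklogin", brand "metamask", matched window "metamesk" at distance 1, lure word "login". The CDN and Google Fonts hosts from the same scan produce no hits, and a brand's own subdomains are excluded by the allowlist rather than by distance, which is what keeps the rule from flagging the real wallet site.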

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify client-side frameworks and code.

Name                      Type
onpagereveal              object
_                         function
toastr                    object
Popper                    function
jQuery                    function
$                         function
axios                     function
getCookie                 function
setCookie                 function
addTranslationMessages    function
trans                     function
onLoginRegisterSuccess    function
onLoginRegisterError      function
reCaptchaV3OnOpen         function
recaptchaV2Render         function
getRecaptchaToken         function

The set shows jQuery, Popper, toastr, axios and a utility library bound to _, plus login/registration and reCAPTCHA callbacks belonging to the hosting platform's page template.

3 Cookies

Domain/Path: web-metamesklogin.uteach.io/

Name: XSRF-TOKEN
Value: eyJpdiI6IlZCM3NlcHQ4dXdlZDV2SWpIK1htY3c9PSIsInZhbHVlIjoiMmRSRWMrVWU1Nzd6ekpyVjliU3hlM2hJYjREWHBBbjJoQ1NuSmFzekZ6U0M2ek8ybEdMbDVtTkFoa3FZK2hNSnJldkI3VEJRVGxCbHpaY29tMWthQWQ0Y1ZBbFA5Zit4eVJ0aHp1MVZTQUJQUHlzY0NKUWh6Wi9pSVpCaENCY0MiLCJtYWMiOiI0NTdhN2NmY2EzNjI0NTBhZDAwYjQxNDRiNjU2M2M2MGU1NTg4MzQwMWFlMTFiYWVlOWM4MzIwOTU1NzQyYzc5IiwidGFnIjoiIn0%3D

Name: uteach_session
Value: eyJpdiI6ImQ0cEV4YWc1SXBVSldGL2VPZkkzeHc9PSIsInZhbHVlIjoiN1FSV0pKejN3ZEVRWmNxVXJkaVpQamtMWVRKb2pYbmQzQkdlYnR6ZDRUZmVCNTZNMnVzcWUweGw3b1dPazZxLzRVdlNyT3orc3hEREtmZWtKK0MzSnRRWk9ISG1UV1JvbjE5Z2pLcVFDMFFjZkE0Q0J2YjVWZXNGZTc0dWtxUFYiLCJtYWMiOiI4OGNmYWRmMGQ3MzE2ZTdhZDk4NTBhYTk4MDg2ODU0MDIxY2RkNmUxZTJiY2IyZWM4YTY2NmZmMzI1ZDgyZGFiIiwidGFnIjoiIn0%3D

Name: timezone
Value: Europe/Berlin

The XSRF-TOKEN and uteach_session values are URL-encoded base64 of a JSON object with iv, value, mac and tag members, the envelope Laravel's cookie encryption produces; both are opaque without the server's application key. The timezone cookie is plaintext.
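As an added example (not code from urlscan.io or from the site), the following parses that cookie envelope and performs the MAC check Laravel applies to it, HMAC-SHA256 over base64(iv) followed by base64(ciphertext) keyed with the application key. DEMO_KEY and the demo ciphertext are constructed for the example; the real site's key is unknown, so the XSRF-TOKEN recorded above can be parsed but not verified or decrypted.

```python
"""Parse and verify the Laravel encrypted-cookie envelope.

Added example for this report, not code from urlscan.io or from the site.
DEMO_KEY is a constructed stand-in for a Laravel APP_KEY; PAGE_XSRF_TOKEN is
the XSRF-TOKEN value recorded in the scan above.
"""
import base64
import hashlib
import hmac
import json
from urllib.parse import quote, unquote

# Constructed 32-byte key standing in for an APP_KEY (assumption for the demo).
DEMO_KEY = bytes(range(32))

# XSRF-TOKEN value as recorded in the scan above (real key unknown).
PAGE_XSRF_TOKEN = (
    "eyJpdiI6IlZCM3NlcHQ4dXdlZDV2SWpIK1htY3c9PSIsInZhbHVlIjoiMmRSRWMrVWU1Nzd6"
    "ekpyVjliU3hlM2hJYjREWHBBbjJoQ1NuSmFzekZ6U0M2ek8ybEdMbDVtTkFoa3FZK2hNSnJl"
    "dkI3VEJRVGxCbHpaY29tMWthQWQ0Y1ZBbFA5Zit4eVJ0aHp1MVZTQUJQUHlzY0NKUWh6Wi9p"
    "SVpCaENCY0MiLCJtYWMiOiI0NTdhN2NmY2EzNjI0NTBhZDAwYjQxNDRiNjU2M2M2MGU1NTg4"
    "MzQwMWFlMTFiYWVlOWM4MzIwOTU1NzQyYzc5IiwidGFnIjoiIn0%3D"
)


def parse_envelope(cookie_value):
    """Unpack a Laravel cookie value into its envelope fields.

    Raises ValueError when the value is not URL-encoded base64 JSON carrying
    the iv/value/mac members Laravel writes."""
    try:
        raw = base64.b64decode(unquote(cookie_value), validate=True)
        obj = json.loads(raw)
    except (ValueError, TypeError) as exc:  # binascii and JSON errors are ValueErrors
        raise ValueError("not base64-encoded JSON") from exc
    if not isinstance(obj, dict) or not {"iv", "value", "mac"} <= obj.keys():
        raise ValueError("not a Laravel encrypted-cookie envelope")
    iv = base64.b64decode(obj["iv"])
    tag = obj.get("tag", "")
    return {
        "iv": obj["iv"],
        "value": obj["value"],
        "mac": obj["mac"],
        "tag": tag,
        "iv_len": len(iv),
        # Laravel's CBC ciphers carry a MAC and an empty tag; its GCM ciphers
        # carry the AEAD tag instead and leave the MAC empty.
        "mode": "gcm" if tag else "cbc",
    }


def is_laravel_envelope(cookie_value):
    """True for values that unpack as a Laravel envelope, False otherwise."""
    try:
        parse_envelope(cookie_value)
    except ValueError:
        return False
    return True


def laravel_mac(key, iv_b64, value_b64):
    """Laravel's Encrypter::hash(): HMAC-SHA256 over base64(iv) . base64(value)."""
    return hmac.new(key, (iv_b64 + value_b64).encode(), hashlib.sha256).hexdigest()


def verify_mac(key, cookie_value):
    """True if the cookie's MAC was produced with `key` (constant-time compare)."""
    env = parse_envelope(cookie_value)
    expected = laravel_mac(key, env["iv"], env["value"])
    return hmac.compare_digest(expected, env["mac"])


def make_envelope(key, ciphertext, iv):
    """Build a cookie value in the same envelope format (demo only: `ciphertext`
    would normally be AES-CBC output, here it is whatever bytes are passed)."""
    iv_b64 = base64.b64encode(iv).decode()
    value_b64 = base64.b64encode(ciphertext).decode()
    payload = {"iv": iv_b64, "value": value_b64,
               "mac": laravel_mac(key, iv_b64, value_b64), "tag": ""}
    outer = base64.b64encode(json.dumps(payload, separators=(",", ":")).encode())
    return quote(outer.decode(), safe="")  # matches PHP's rawurlencode


if __name__ == "__main__":
    env = parse_envelope(PAGE_XSRF_TOKEN)
    print("page cookie:", env["mode"], "iv bytes:", env["iv_len"], "mac hex:", len(env["mac"]))
    print("verifies with DEMO_KEY:", verify_mac(DEMO_KEY, PAGE_XSRF_TOKEN))
```

The recorded XSRF-TOKEN unpacks to a 16-byte IV, a 64-hex-character MAC and an empty tag, i.e. a CBC-mode Laravel cookie, and it fails verification under any key other than the site's own. For a responder this settles two things quickly: the backend is a Laravel application (here the multi-tenant uteach.io platform rather than something the phisher wrote), and the session and CSRF cookies carry no plaintext worth extracting from the scan.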

3 Console Messages

Source: recommendation, Level: verbose, URL: https://web-metamesklogin.uteach.io/overdue (three identical messages; Chrome emits one per password input that lacks an autocomplete attribute)
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This section lists the security headers set by the main page.

Header                      Value
Content-Security-Policy     frame-ancestors 'self' http://webvisor.com https://webvisor.com metrika.yandex.ru
Strict-Transport-Security   max-age=15724800; includeSubDomains

The CSP carries only a frame-ancestors directive, allowing the page to be framed by itself and by Yandex Metrica's Webvisor (session replay) origins; with no default-src or script-src it places no limit on what the page loads or executes. HSTS is set for 15724800 seconds (182 days) and covers subdomains.