Report - meta-mask.pages.dev/

Report Overview

Visited public
2023-08-25 10:18:54
Tags
URL
meta-mask.pages.dev/
Finishing URL
meta-mask.pages.dev/
IP / ASN
172.66.45.42
#13335 CLOUDFLARENET
Title
MetaMask - A crypto wallet & gateway to blockchain apps

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-08-18 17:41:21	4.1 kB	119 kB	216.58.207.228
perf.hsforms.com	10768	2013-09-18	2020-07-03 15:11:28	2023-08-24 17:58:41	498 B	1.1 kB	104.17.239.249
meta-mask.pages.dev	unknown	2020-09-02	2022-11-12 14:34:44	2023-07-23 03:45:08	15 kB	2.2 MB	172.66.46.214
metamask.io	81413	2015-07-02	2015-11-15 18:16:41	2023-08-24 10:27:59	812 B	37 kB	185.199.109.153
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-08-24 18:12:03	1.7 kB	3.5 kB	142.250.74.131
forms.hsforms.com	5160	2013-09-18	2018-03-07 16:21:13	2023-08-25 07:15:37	484 B	3.3 kB	104.17.239.249
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-08-25 04:02:02	450 B	8.8 kB	142.250.74.74
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-08-25 02:23:38	3.2 kB	83 kB	142.250.74.35
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-08-25 02:28:01	3.5 kB	221 kB	142.250.74.35
www.token.im.payloan.biz	unknown	2022-12-13	2022-01-01 20:33:07	2023-07-19 02:30:28	1.4 kB	0 B	0.0.0.0

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-08-25 10:18:25	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-08-25 10:18:25	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-08-25 10:18:26	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD
2023-08-25 10:18:26	medium	Client IP	Internal IP	ET INFO Observed DNS Query to .biz TLD

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet
2023-08-24	medium	meta-mask.pages.dev/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (33)

	URL	From	Size	First Seen	Last Seen
	meta-mask.pages.dev/	ScriptElement	131 B	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/ IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen54 Hash 8da5c3d05348bfc0ef2e7d64796f08ce e080496b1ba9bcbc603d81c6021044631b89a0c8 f8b75ad14956c9b4a7da3b51493be28faf5bf3b7bc4dc509868bd0e31f240fbf Loading...

	meta-mask.pages.dev/static/js/z_stat-1280416669_1280416669.js	ScriptElement	12 kB	2023-03-29	2024-08-21
Pretty URL meta-mask.pages.dev/static/js/z_stat-1280416669_1280416669.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 21:02 Last Seen2024-08-21 08:07 Times Seen8 Hash 353daf9b52d5c8a3b676697e936be0df 7ab63d21145ef6a7911bde574639ef465475e39f 1faf7b777617666f6102595506465a3e43668b0abf2574bf6b4a472f41385c2a Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	ScriptElement	5.8 kB	2023-08-25	2023-08-25
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.17.239.249 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:18 Last Seen2023-08-25 12:18 Times Seen1 Hash 4c8e103d8bc42812c8f959ded88c26a8 254be3231594db132c125055a32183c9c8881f61 5b65401e3a4b066f0b5c5a64cb4d9ad76d70d8255e834b4e119240e862bce0af Loading...

	www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js	ScriptElement	461 kB	2023-08-18	2023-08-31
Pretty URL www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-18 04:48 Last Seen2023-08-31 09:12 Times Seen1265 Hash e346196cabbe1100839406d8f02a31c3 24f54bd82fdab0dc9bc5c6a71e33eefc02286aad 9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35 Loading...

	meta-mask.pages.dev/static/js/v2.js	ScriptElement	577 kB	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/static/js/v2.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen52 Hash 40544d5dbcd42e3128e75c41a313bb6b 07238a687a240643e6fd60455e71e157b1f72262 a6e30a1c4e1913d92f1ef2906fa03630ee961e2ae777ffaa15a2ebc47176e485 Loading...

	meta-mask.pages.dev/static/js/jquery-3.5.1.min.dc5e7f18c8.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL meta-mask.pages.dev/static/js/jquery-3.5.1.min.dc5e7f18c8.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 13:09 Times Seen108616 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	meta-mask.pages.dev/	ScriptElement	271 B	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/ IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen58 Hash 5cc04270e6de1ba3403b9bb4aa18e0bb 02b450b0709e7e8b42847897d4f71388c6b891f1 9aeb52da922aad84c3d824450a12d0c862b6405e789d0df794d43ebbcfac1468 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat	ScriptElement	75 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-05-09 13:10 Times Seen14232 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 13:35 Times Seen4636240 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	meta-mask.pages.dev/	ScriptElement	251 B	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/ IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen54 Hash bed44b24e4fff29f2e0bf3739e46316c 584f9bbf144ef51dfcc79953b1770628319d43dd c0c9670efa75fdbcfae7a3b9caea4279885ce290e76f8769d7b4d7421ef593cf Loading...

	meta-mask.pages.dev/	ScriptElement	246 B	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/ IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen51 Hash 5b8653ee2d3c63c0d1e14d4287ed862c 1bc0f69a67c81f5d996058592d44ccf14cf026a2 66cb513436139a50f16ddbfc135b080c9263b6c1cfc2aae6e1ba013585875e44 Loading...

	meta-mask.pages.dev/static/js/analytics.js	ScriptElement	50 kB	2023-03-07	2025-05-04
Pretty URL meta-mask.pages.dev/static/js/analytics.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 12:04 Times Seen102 Hash 876c0f150943aff8b256da31f79ac00e b54a0b23c420cc5a9e491cbb3817ecdb65e81991 fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Loading...

	meta-mask.pages.dev/static/js/webfont.js	ScriptElement	13 kB	2023-03-07	2025-05-09
Pretty URL meta-mask.pages.dev/static/js/webfont.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:08 Times Seen17504 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	meta-mask.pages.dev/static/js/gtag.js	ScriptElement	92 kB	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/static/js/gtag.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen55 Hash 8565965902198b680974beb4f8006741 3e60fb528c543082cc483acd620b78002e848fbf 28c8a04ee3648c79f7e5b15b1a62a816eb8073a4133bfb69ca291e5972e0f291 Loading...

	meta-mask.pages.dev/media	ScriptElement	347 kB	2023-04-05	2025-05-03
Pretty URL meta-mask.pages.dev/media IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:29 Last Seen2025-05-03 12:44 Times Seen11 Hash 56b231e3ca1938b0890b2a5d36375405 5003b463af40fb2fc8352f2f5230a8e8b02f7b2b 791eb651bed6ffa34827c501e597c2b1ac9098dcfe11f0027756762eaa868fd0 Loading...

	unknown	Function	92 B	2023-04-13	2025-05-08
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-13 12:35 Last Seen2025-05-08 00:19 Times Seen829 Hash 0195aee91cd277604a3e95d6b67cf817 cfc91455f2c998cc69c03c31b749ced8aebd0ce7 822317cfabb3d4b8fe0d843530b2844b9b00eccce923366226866aa4acb34c96 Loading...

	meta-mask.pages.dev/static/js/common.js	ScriptElement	1.3 kB	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/static/js/common.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen54 Hash bd2a0385ca182e58c5ecb5590f795183 bbecb1eac5a6742bbc7b0103394ed515bfac3f55 75a54c0d7aab1bc076b76e96d64d1826cf8e1be5d3c65fefc42f14907d8d0240 Loading...

	meta-mask.pages.dev/static/js/enterprise.js	ScriptElement	1.0 kB	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/static/js/enterprise.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen53 Hash f565ad01ef85ebe1ffbfa97f91a960c4 a8636143698b1981c2f7c482dad7aa2ac07e4ed2 c8767e2f7a52c171fe807dc80a53bc334a0700e9e38ad28245d6e16d9101c26f Loading...

	meta-mask.pages.dev/	ScriptElement	970 B	2023-03-07	2025-05-03
Pretty URL meta-mask.pages.dev/ IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen51 Hash 68def1a2ba813c0f9d86e7c7ed82d89d f5a424453e0888274c405f7362447070aa7346da 087e51bdc6189c6f7d8829582f5e6afc4b55e787458df91f2080dbb955d5c6a9 Loading...

	meta-mask.pages.dev/static/js/webflow.js	ScriptElement	568 kB	2023-03-07	2025-05-04
Pretty URL meta-mask.pages.dev/static/js/webflow.js IP 172.66.46.214 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-04 15:45 Times Seen94 Hash aa932307fd6818913c360441a1d21397 5d832542de495c05a829b2cdba867b8e508a69dc 8de8a14b1b42b80ff2a89d3afaccd40bad8e6f1b507cc20fe78408c8ff7aa252 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat	ScriptElement	44 kB	2024-08-21	2024-08-21
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-21 08:07 Last Seen2024-08-21 08:07 Times Seen1 Hash 73a1dcfee9a9a851fe4800f40c7d0831 e316955be0f9935f77d78149e9426419e16ebf1a 68c977f257d5e60c5a8c4a4a9bf87f3e6dadd2b66bf8417fc79fb079773bfe74 Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true	ScriptElement	1.0 kB	2023-08-19	2023-08-25
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-19 13:45 Last Seen2023-08-25 12:18 Times Seen8 Hash aac3288b87f93219ccd838f40e3985d7 4f1e30acf86e034db135c6d666702fc72f86c155 8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958 Loading...

		Size	First Seen	Last Seen
	#1 Eval - a3c97de2bf24df0cfe84e3e0e1d57256	16 kB	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen568 Hash a3c97de2bf24df0cfe84e3e0e1d57256 ff14e9a5745623f28dc642515553fd812cf860a4 c56e997cb5b3a46cdf7246052303c76583e3085fc9ed5c5a9e15664f8dacb4ce Loading...

	#2 Eval - 6e2eefeef10d2b02666f73d648f418d9	22 B	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen568 Hash 6e2eefeef10d2b02666f73d648f418d9 9d927fb797bd7f44a69a67ab82c615f209a2519b 9563f2f021db2e304976360087ae9e533798c5bd57f730556daac9ffafa29cb9 Loading...

	#3 Eval - 4de833e6b52e4b88223c7d9fe829df36	62 B	2023-08-25 09:05	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:05 Last Seen2024-08-21 08:08 Times Seen335 Hash 4de833e6b52e4b88223c7d9fe829df36 1d1de895ba38e774cb01b5737cc845f2861d467f 9a0075aefc834e1dff1cdb485440333e78ac6057d2041679b58708a22d03614e Loading...

	#4 Eval - 6666cf52b5a165b8842591ef038db210	23 kB	2024-08-21 08:07	2024-08-21 08:07
Pretty Observations First Seen2024-08-21 08:07 Last Seen2024-08-21 08:07 Times Seen1 Hash 6666cf52b5a165b8842591ef038db210 5651aad2ab4a7cbf6c1a8e4e1dbced41352145c2 eb991d07e8a5f273687f60d19e8f0de4c2d654d8556e0cc5e5ba768630520c83 Loading...

	#5 Eval - ff08f30d8b24994bb1650e9e629c4f86	22 B	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen566 Hash ff08f30d8b24994bb1650e9e629c4f86 3a5c681cc2847bbec5d96bac8f0ea36554d02800 281dedb55d99025d1eb1ccff22b6d21bfbaa8bd6027bed7799f4e1512c9585f1 Loading...

	#6 Eval - 7f59e724f1dcb09de146c34e952b890b	22 B	2023-08-25 09:05	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:05 Last Seen2024-08-21 08:08 Times Seen336 Hash 7f59e724f1dcb09de146c34e952b890b 4d5cc8c791e3e187ee1bef513863359065611361 948fe822e1f252affec95fbb7e142f286cc8f1d5f95e6ee15e180d51911bb1f7 Loading...

	#7 Eval - 0e767e4af92f5696a44ab63d5430146a	22 B	2023-08-25 09:05	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:05 Last Seen2024-08-21 08:08 Times Seen336 Hash 0e767e4af92f5696a44ab63d5430146a 49f0aee24b1f768e680d5546a9697d572ebc9ce0 d6104dc878d1d4a2d30e99a4c2a40f2a11004fa699e28650f819b8da06eb0473 Loading...

	#8 Eval - 40899587f73c1e5632bef7d3f4937858	19 kB	2024-08-21 08:07	2024-08-21 08:07
Pretty Observations First Seen2024-08-21 08:07 Last Seen2024-08-21 08:07 Times Seen1 Hash 40899587f73c1e5632bef7d3f4937858 ab3b947415e21a9f8afda8aca27a62aee586b240 8cff5a0812490bf946a37e5203b742123f2fd8ed0c48182cc00a8b57f6ff4950 Loading...

	#9 Eval - 16bdfef01036bdca12d985b34ef67d8f	64 B	2023-08-16 08:42	2024-08-21 08:36
Pretty Observations First Seen2023-08-16 08:42 Last Seen2024-08-21 08:36 Times Seen565 Hash 16bdfef01036bdca12d985b34ef67d8f 9f8e95833aafb56f347853589f93679c1e664a3a defb92fe3de46608d55894d4420840522403ad0e935b312b5331dfa4353c3a4f Loading...

	#10 Eval - 0f12556946c58b926a1c408f51c0c36b	16 kB	2023-08-25 09:05	2024-08-21 08:08
Pretty Observations First Seen2023-08-25 09:05 Last Seen2024-08-21 08:08 Times Seen336 Hash 0f12556946c58b926a1c408f51c0c36b 5879e715f2f92dbf678507576ed775bf5f2e8da8 3be76aa5f6d58a0f535374b1ca84bfcda7dab9087a4e66817d015794afd6e975 Loading...

		Size	First Seen	Last Seen
	#1 Write - b43535cdb5c91dadc6aee6d5e748a82f	112 B	2023-03-07 01:18	2025-05-03 16:42
Pretty Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen50 Hash b43535cdb5c91dadc6aee6d5e748a82f 1f984b196fdc347058ea4d6a96de1ea8ad54a188 f8b855a740e4aa3db7ae2db2ca93a57bda6ab9b088f4854852b97ac2a5ba6fd5 Loading...

HTTP Transactions (64)

URL IP Response Size

meta-mask.pages.dev/static/picture/dapp-uniswap.png

172.66.46.214

200 OK

10 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-uniswap.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10268 bytes)
Hash
1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-uniswap.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 10268
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "420e724ef72c8e648cd84677ebc681e5"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rr%2Fb0hRDWi6tlYepCfc0mbHmCIO%2BN4T2AlhQmxh8%2FDGID28FSO32D8Eg%2BFilh3zJ2M0fHlkSRumw55WL6VZiQjW31KF2bcAvh3aWZnNwws%2FJvHjNo2H19T%2FsUDkSSTKxOexlgxHL"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e43b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/dapp-rarible.png

172.66.46.214

200 OK

6.8 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-rarible.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6840 bytes)
Hash
b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-rarible.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 6840
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "da9904d57b15ec1dc2c2ceb86f8357da"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fesVYp7d1dfF2E5Rb0UFFG3XTwEnGeRDAEPn5JVwIT4aA2PSBHsTWwmHAX1wp92IBzd5LBSNNDm1AEh7AdVU0xTAA%2FFYLwCyXT1lALhizjhUVpC%2FEpxAmxlXK1lZUNXo13XgSe%2Fi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e42b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/dapp-axieinfinity.png

172.66.46.214

200 OK

43 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-axieinfinity.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42713 bytes)
Hash
5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-axieinfinity.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 42713
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "5f91788c5de549cbb3e5bcabe7df3a78"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M82KLOkiSsy1RVdKWJ%2FD7AjOcb77s1smXIdc6zmgwfrdw6%2BRmTmNx776envJ42Bl9HA%2BkmxPmqi2p2XQO2Fc%2FLj7BAEGgw%2F4nfAKa0dDezvjZUoZlyiGxdgnY2tr8B2lcxGtOUQO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e39b4ee-OSL
alt-svc: h3=":443"; ma=86400

metamask.io/logo.js

185.199.109.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/logo.js
IP
185.199.109.153:443
ASN
#54113 FASTLY

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint27:5C:85:87:68:B7:03:89:D6:D0:B1:2B:9B:5B:7E:45:6C:E4:62:4E
ValidityMon, 24 Jul 2023 10:11:34 GMT - Sun, 22 Oct 2023 10:11:33 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36272)
Size
18 kB (17746 bytes)
Hash
fc1a5ec05ed47720724925b52220aed5
2f3d0774e20e0a76961cc9ba327201e1863d8f20
197eda9d709fb2995d4d02632f233c23ace458a34d341b57c22d5d80d069c9e4

HTTP Headers

GET /logo.js HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64e2c90d-12c02"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3EBA:D69F:B99BDF:BDF112:64E87FFA
accept-ranges: bytes
date: Fri, 25 Aug 2023 10:18:34 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1680-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1692958715.500457,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: dc067107d98c96aa7e090c24c66a3343f674b652
content-length: 17746
X-Firefox-Spdy: h2

meta-mask.pages.dev/static/picture/dapp-compound.png

172.66.46.214

200 OK

11 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-compound.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11355 bytes)
Hash
3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-compound.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 11355
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "ea443f5b717d6fd57e04e928914843ea"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ydalM9lPC3w2%2BVy62NnujVR8qzyq4L2ka5x8mOueaTECn%2FrogqeSSn0g%2B5wkjB5clf7Xyaji5QEavSMcH21Zpqy2QCEC9yFmHvXz8%2FOeT3VLHSCOhABlffz%2BnNahsaeH7W7t%2BC7p"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e3bb4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/dapp-opensea.png

172.66.46.214

200 OK

6.5 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-opensea.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6533 bytes)
Hash
f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-opensea.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 6533
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "3f43a837e2d21bb641e9dd41ad3138bb"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ6xVzoZlthkIdrNtgTpcjoE6GBjvFUkgtvUWi20EdvrBsmLmbV9H6TkK1hie2UnjATPPR2vkOyKHHUc7DPU4V%2Fp0PTJGTKlnEAki95C%2BF3q410lgdv5WAFUHiYzPlemYRraJUpS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e40b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/dapp-aave.png

172.66.46.214

200 OK

14 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-aave.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14347 bytes)
Hash
521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-aave.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 14347
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a820dbc81262e9222e4edf94745891e9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4h6H8sKtJPTFW5a8eGMbtkDZ%2Flrd3nmOuZhRZ1C7P1PAiJn2sE6l3639G2v3Fb2xfdNbkFFBW%2FLmIqRXh2oYshlYo1I%2B6%2F%2BEerWkzxUx8ArD%2BSpgfUdpFwXKkL92dIABdcbySmVJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e38b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/dapp-gitcoin.png

172.66.46.214

200 OK

8.0 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-gitcoin.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7998 bytes)
Hash
c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-gitcoin.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 7998
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "e4ee44e28565578050e98600aaf47c15"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwC9Lh0msTXkIyFXiq65BijN26O3AH%2FwXJvwPsjoNDFE%2B0hcnbq1vpSlm9%2Fc89vWXsGPc0rG2wy0koebCKF%2BF4fBkfCxjJ%2Bp7g8%2BImy9do%2BBJRsr%2Fy8%2F53QJoonkSZGo5vND9YU5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e3db4ee-OSL
alt-svc: h3=":443"; ma=86400

metamask.io/logo.js

185.199.109.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/logo.js
IP
185.199.109.153:443
ASN
#54113 FASTLY

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint27:5C:85:87:68:B7:03:89:D6:D0:B1:2B:9B:5B:7E:45:6C:E4:62:4E
ValidityMon, 24 Jul 2023 10:11:34 GMT - Sun, 22 Oct 2023 10:11:33 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36272)
Size
18 kB (17746 bytes)
Hash
fc1a5ec05ed47720724925b52220aed5
2f3d0774e20e0a76961cc9ba327201e1863d8f20
197eda9d709fb2995d4d02632f233c23ace458a34d341b57c22d5d80d069c9e4

HTTP Headers

GET /logo.js HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64e2c90d-12c02"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3EBA:D69F:B99BDF:BDF112:64E87FFA
accept-ranges: bytes
date: Fri, 25 Aug 2023 10:18:34 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1680-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1692958715.821472,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 72baffb84072b0eee60701a4117ad12e3166baac
content-length: 17746
X-Firefox-Spdy: h2

meta-mask.pages.dev/static/picture/dapp-maker.png

172.66.46.214

200 OK

6.9 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/dapp-maker.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6852 bytes)
Hash
720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/dapp-maker.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 6852
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "0e623ce711feb8b7fc36b073e0567293"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmBIfocTTbGU3P13G9Kd4DR8Od5I89ZDk4C2irDd6MHqGb9AY3kZv38AxOwcIVK0vC2MZ7pE7hhIqacdkOYf24AVGy9sRiZbp%2BR23Ua5OidmkYGrrqmnJL0pCJDVKzQDDB1Njf5k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e3fb4ee-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ca3d7b365d3c10d745c10efa172a35d
1e1f1872536edbdd81bb9db8c28e60f3ec0e3898
b88f59ee8fa2c4c85a4e71287d5d133945f8eb1d4246996a44baca3c94dc8ab7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 10:18:34 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

meta-mask.pages.dev/static/font/EuclidCircularB-Regular-WebXL.woff2

172.66.46.214

200 OK

45 kB

URL GET HTTP/3
meta-mask.pages.dev/static/font/EuclidCircularB-Regular-WebXL.woff2
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/font/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://meta-mask.pages.dev/static/css/metamask-staging-2.webflow.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: font/woff2
content-length: 45196
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "00e4bcaa1008576488ddb4cb1a5ce0b9"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uMFQLBjF34Te3GQRkVqD7c3kqEkq7EIHFwzzkYZlkyVrUpZrGhqvpinIkF6J6uAwfRgFo%2BppRPRVkUJ4YA%2F2o2jIzYD4e%2BB73W%2B3o%2FVNcDzFHsCZAcA4Jhv6zGyqdsNO1puJtLgx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177faa03b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/font/EuclidCircularB-Bold-WebXL.woff2

172.66.46.214

200 OK

44 kB

URL GET HTTP/3
meta-mask.pages.dev/static/font/EuclidCircularB-Bold-WebXL.woff2
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/font/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://meta-mask.pages.dev/static/css/metamask-staging-2.webflow.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: font/woff2
content-length: 44544
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "a83e41fde919d38e46f16e21c7080160"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MnompSpWXSRKjdVcu5zqsc2%2BftyJ8d9UheGzFMhXKUhd%2FToiBRF8gkqE4aZhnpPykmuR7SdH9nTFzIt68js5Hs2bA9yiaLdzr5qaegrxP8erwB8OJ8pAGS6UApOWN1z7QAionWA2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177fba0db4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/image/hero2.2.png

172.66.46.214

200 OK

590 kB

URL GET HTTP/3
meta-mask.pages.dev/static/image/hero2.2.png
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/image/hero2.2.png HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/static/css/metamask-staging-2.webflow.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/png
content-length: 589568
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: "42b1623960563c50f3bbf755c726aef2"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nkIkVC7ALzsHOgzYVsFcaLKeezL9mCpxgwaLLXUBq0QaWuiUBGEYlaY2yUIeQlPNWHM8RLGfwgpPX62GGIVSuZ4U13neWgKJKkjKhKgZxvhaxfgmYj199UADaJ%2Fi0p%2BBHCn7oiY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177fa9f7b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/media.html

172.66.46.214

308 Permanent Redirect

0 B

URL GET HTTP/3
meta-mask.pages.dev/media.html
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /media.html HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 308 Permanent Redirect
date: Fri, 25 Aug 2023 10:18:34 GMT
content-length: 0
location: /media
access-control-allow-origin: *
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TLi3F31ucdqTheejl0zk%2BPaESaL%2FuVAyXgJRHgve8W9MF%2B96SKnxf%2BGEkcKWVwq%2Bl1rBnqMpj4kqx72nyQqPv9o21f%2BnSe1JAtbWpjG%2BQdiq8DPQYrM8%2B6a%2FogX3BUAGadYyiIk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc317808b3cb4ee-OSL
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5ca3d7b365d3c10d745c10efa172a35d
1e1f1872536edbdd81bb9db8c28e60f3ec0e3898
b88f59ee8fa2c4c85a4e71287d5d133945f8eb1d4246996a44baca3c94dc8ab7

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 10:18:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
72438717548786e23e3c1b2ef3ad6581
853eed136622460def10b2ff167efbd0993ff1f2
ed30dd609d16a8c2796f40c3309709a152e995e789033a1f7dd60bcd9129404a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 10:18:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.74

200 OK

8.2 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.74:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint2A:06:F9:5A:FD:FC:89:5C:D7:C5:CC:38:F0:25:78:FB:15:9F:5A:67
ValidityMon, 31 Jul 2023 08:22:19 GMT - Mon, 23 Oct 2023 08:22:18 GMT

File type
gzip compressed data, max compression\012- data
Size
8.2 kB (8212 bytes)
Hash
44f615485f6f1b3c642c2823af5555fe
2eeac8aa35e7f885be8644a473a930bf4e902c59
30bc4040a6676593eb9000fa0a3ce166a3f95216e15938e251919d8c030baf35

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Aug 2023 10:18:34 GMT
date: Fri, 25 Aug 2023 10:18:34 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

142.250.74.35

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meta-mask.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 19:17:19 GMT
expires: Sun, 18 Aug 2024 19:17:19 GMT
cache-control: public, max-age=31536000
age: 486076
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
72438717548786e23e3c1b2ef3ad6581
853eed136622460def10b2ff167efbd0993ff1f2
ed30dd609d16a8c2796f40c3309709a152e995e789033a1f7dd60bcd9129404a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 10:18:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.17.239.249

200 OK

2.1 kB

URL GET HTTP/1.1
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.17.239.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5788), with no line terminators
Size
2.1 kB (2143 bytes)
Hash
4c8e103d8bc42812c8f959ded88c26a8
254be3231594db132c125055a32183c9c8881f61
5b65401e3a4b066f0b5c5a64cb4d9ad76d70d8255e834b4e119240e862bce0af

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 25 Aug 2023 10:18:35 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2B5376761D166DCB663DDFD62DDBB194AC54611D9E000000000000000000
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 10
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-bgnx4
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: b9c933d0-69e6-4020-9171-8c67e5db3e59
x-request-id: b9c933d0-69e6-4020-9171-8c67e5db3e59
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7fc317814d9fb51d-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e24d71b62e3bbb13b96bdb8f206b5385
f2fed53f537777abb97b0eb20296ebb25f36a0da
434a35ddd7e5ee7f635a9e16d70a37fd82ab515523a27256cdb32e20c26b28d6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 25 Aug 2023 10:18:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

216.58.207.228

200 OK

614 B

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint04:E5:DA:A8:FA:1A:A4:D3:8D:82:3E:8B:A5:7B:9F:FF:06:6B:6E:95
ValidityMon, 31 Jul 2023 08:22:58 GMT - Mon, 23 Oct 2023 08:22:57 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
aac3288b87f93219ccd838f40e3985d7
4f1e30acf86e034db135c6d666702fc72f86c155
8eace2ac1082d16eaa54c0851cf077baf7d925e1791e24df78d4d1d72fe02958

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Fri, 25 Aug 2023 10:18:35 GMT
date: Fri, 25 Aug 2023 10:18:35 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 614
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

meta-mask.pages.dev/static/css/normalize.css

172.66.46.214

200 OK

188 kB

URL GET HTTP/3
meta-mask.pages.dev/static/css/normalize.css
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
188 kB (188135 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/css/normalize.css HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"07bbec774619cbef402cbb28b6ff84d1"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4dSfv8ZximuwuYVKO4kR4Zew7XHNI6EiGaGOLq%2BeCkSDPLD3YcvuMGZXDIf2KET2LW5O5Ez2ReNmg8UNgIRqU1tx11uAq2lfPKTFsuDEa8w%2FK%2FgGdCR3lDjj6AVy11RNH1wrqqS"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d4e07b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/js/z_stat-1280416669_1280416669.js

172.66.46.214

200 OK

4.5 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/z_stat-1280416669_1280416669.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (11743), with no line terminators
Size
4.5 kB (4501 bytes)
Hash
353daf9b52d5c8a3b676697e936be0df
7ab63d21145ef6a7911bde574639ef465475e39f
1faf7b777617666f6102595506465a3e43668b0abf2574bf6b4a472f41385c2a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/z_stat-1280416669_1280416669.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"2bdc6402dde6233d58b927dc77dfc27d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p0RIbKcwBj0O1YMMe5l05uIKgs6lr9ceI6pAlhsZRlm9PLrPX1bZwexC3eYR59afdaKAVvmmfLWaMqUm5kwArZc4mGQoMVHO0m%2FsGK2USSGqwpB7C2peF4wx7MghMHSDtEbO%2Bffy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e4db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1624 bytes)
Hash
0e0d623573435a71150ee82ba4b748ce
5c2c04bc996655e0c26f73081e45f3a8014a9a3e
04298ad6378ad5705b87ebb68e7a802efa55ffd6b4ccc5e932d38d3b7f59d1c9

HTTP Headers

GET /recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
Origin: https://meta-mask.pages.dev
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Fri, 25 Aug 2023 10:18:35 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat

216.58.207.228

200 OK

29 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (44188)
Size
29 kB (28952 bytes)
Hash
a7b8149290c2cf2b3002a596c0b64e3c
3301dce56ea90ea38b8f40715afd95d1dc0b0017
cdd4232da162afb88c597f2f60feb89202b4e012255873c5daed41335fd21a5f

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Aug 2023 10:18:35 GMT
content-security-policy: script-src 'nonce-QNfzOZFetjXZhUV3yxX1zw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28952
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

meta-mask.pages.dev/static/css/webflow.css

172.66.46.214

200 OK

9.8 kB

URL GET HTTP/3
meta-mask.pages.dev/static/css/webflow.css
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.8 kB (9757 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/css/webflow.css HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"fac6aeccd66aa624eae98fbbbef6bb29"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g%2FtPoH4QzA6DbaBDdiXyi%2FUscBbuw8J2SYAy7B6MtjMFrtYIwnMB9p1EcMIChE799Lqn%2FCQ%2FvPbjKxNmMJNof5cUpu68dwdakV%2BRUgc037HKPz5MZ80Rc9DksY0XSR5m%2BwK9W8z2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e26b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/media

172.66.46.214

200 OK

124 kB

URL GET HTTP/3
meta-mask.pages.dev/media
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (56485), with CRLF, LF line terminators
Size
124 kB (124140 bytes)
Hash
83f61f7b1d3cf1d29a84e4e82228bea7
407393fae7cd81d0d88a95c85b5c0d954cadb7a3
0dcdaab7f6b7f2b76c3c5c4a96b3c2b6dfc3f5c5cf813cce8043a20d3837bf33

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /media HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: _ga=GA1.3.1265384225.1692958706; _gid=GA1.3.984203879.1692958706; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:35 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"47268c6054ee5b3a88277718a0333f8f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YuSxHQ7sjc8SBLOXs037yXT3aDykT5p03AxxpRyk05VL5Q3F0IfcpS3p%2BFTgALUbWICxAO9G9c7BxxDsaoQdcHWIXZlRZ5SJ1Mz2ZQXnae8zpDDtSefeYwTgJGkYk4dzBIF8V0QV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc31780dba8b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/css/metamask-staging-2.webflow.css

172.66.46.214

200 OK

204 kB

URL GET HTTP/3
meta-mask.pages.dev/static/css/metamask-staging-2.webflow.css
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text
Size
204 kB (204345 bytes)
Hash
3ff3a5ef5b87297f152883e3192fa68e
5cf05757983bb3c52adccfe206cad216d3f6fd31
de4561b975a3b97f4b060cc2c28a94d6018ec61600d63b4d7c0e48efb0409f08

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/css/metamask-staging-2.webflow.css HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"80e03e65c9b90c3d1876d39417cc8ef4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7qdhymQfpRx9LTo7ZWr1gbEqgSQoM1%2FPqoJbVG2n37b6%2FXNLh7Y937DvMal8Zyz%2BLy%2BRP2ogNrj1pShN7Qx4P09qk1VQlBoAkmYS7SMW4fhSkoC2c4wGKZrhIyDAlR5I2GGYk2EU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e27b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/js/v2.js

172.66.46.214

200 OK

146 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/v2.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
146 kB (146094 bytes)
Hash
40544d5dbcd42e3128e75c41a313bb6b
07238a687a240643e6fd60455e71e157b1f72262
a6e30a1c4e1913d92f1ef2906fa03630ee961e2ae777ffaa15a2ebc47176e485

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/v2.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"07625426e86de0780dab07ce8957921b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPcYFjTyblKYGB7mRUaM%2FW5zfSf3XptmPOUyjY%2B1bUchYCXQkj3j2LPlh196UGHT2pwzu%2FwyUgUdjRasSb%2FKx7YnrjknC61%2BTTQyyi6P6FbYyN5QNiqR5wh1z16I5Im6bcUw8PEU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e46b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:24:26 GMT
expires: Fri, 23 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 68050
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.35

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 22 Aug 2023 05:45:56 GMT
expires: Wed, 21 Aug 2024 05:45:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 275560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq

216.58.207.228

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
9850c72f212186063d38d2b8ff0c678b
9cf08c9995213b8252aaed87931c91e456b8b6b2
13f425cbab48a8199950e3873a94b5f8faa294a66f751cfe15423d34dfc98ff8

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Fri, 25 Aug 2023 10:18:36 GMT
date: Fri, 25 Aug 2023 10:18:36 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Aug 2023 14:42:45 GMT
expires: Fri, 25 Aug 2023 14:42:45 GMT
cache-control: public, max-age=604800
age: 588951
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

meta-mask.pages.dev/static/js/webflow.js

172.66.46.214

200 OK

324 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/webflow.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (54239)
Size
324 kB (324159 bytes)
Hash
aa932307fd6818913c360441a1d21397
5d832542de495c05a829b2cdba867b8e508a69dc
8de8a14b1b42b80ff2a89d3afaccd40bad8e6f1b507cc20fe78408c8ff7aa252

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/webflow.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"a227ab6097c4a9cee0550bb2369c6cc4"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9xkbHeFtjiV%2BlHgHa2RNtZrwMJ6PujrJ%2F%2BtCELr1priK3DQX8SwCEOb7P8iGF%2BQpO6ftZ9RcIVXmirvHqw6maxl6VfN%2Fu8ECuUCx2JJb8X1sVPvtJYjS7SYiosHzIAVVHkYZ7M7e"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e49b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.207.228

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1164 bytes)
Hash
e2da733bccd4075172ef540046dcb554
0c8a730cb819128f79f00eeaa56cd68d45c4c713
5b991ca7d44eae305ff19b6c2c037968307cec215df5f8b11e4db70e215a870f

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 25 Aug 2023 10:18:36 GMT
content-security-policy: script-src 'nonce-2GYf_6oiobPXiX83PweVLg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1164
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2sucGFnZXMuZGV2OjQ0Mw..&hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&size=invisible&badge=inline&cb=543q6qqeizat
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 25 Aug 2023 00:06:49 GMT
expires: Sat, 24 Aug 2024 00:06:49 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/css
vary: Accept-Encoding
age: 36707
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js

142.250.74.35

200 OK

186 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
ASCII text, with very long lines (679)
Size
186 kB (185519 bytes)
Hash
e346196cabbe1100839406d8f02a31c3
24f54bd82fdab0dc9bc5c6a71e33eefc02286aad
9dab174b3b1ef754d71d613162c1e1f5b88f9f317da8d1f14c146be9c6d9fd35

HTTP Headers

GET /recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 185519
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Aug 2023 17:27:03 GMT
expires: Thu, 22 Aug 2024 17:27:03 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 17 Aug 2023 18:11:22 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 147093
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.207.228

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
ASCII text, with very long lines (40938)
Size
25 kB (24628 bytes)
Hash
39425b9d3bbfffecc5417667baf036fd
226636eb4c831ac06c0ce3871d5c8c2494ae2f4a
c488a6a3fcfb908acb9a733fa4b07741cf0437c5e069133208679e6624eef5e9

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6644
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Fri, 25 Aug 2023 10:18:36 GMT
expires: Fri, 25 Aug 2023 10:18:36 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24628
server: GSE
set-cookie: _GRECAPTCHA=09AG8ZzsuGlsglOpRCPgs3M2e1NMMNJ4VpsMpUCsR3GEAXwOOIDF66Spth6dTJRlKUutKWzDLqDl2-9ywVSlUcLa0;Path=/recaptcha;Expires=Wed, 21-Feb-2024 10:18:36 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.35

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:24:26 GMT
expires: Fri, 23 Aug 2024 15:24:26 GMT
cache-control: public, max-age=31536000
age: 68050
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

meta-mask.pages.dev/static/js/webfont.js

172.66.46.214

200 OK

21 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/webfont.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (2134)
Size
21 kB (21001 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/webfont.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7f3658462391a37242d0bdca0496e159"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FQyNL47IO7LUvrnmQu6PRpy9z5XWWfcGw8A%2BCfG%2BNiZitR1qCe9aTBWn5tr8RyzcjHFOoMaY9Ql2iXwZrGhYrDSDJJxyUo1Z9w%2F6GTVJPIz5clZfJMbuX314POgbQ%2BaRslNsaM7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e2ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.35

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:15:27 GMT
expires: Fri, 23 Aug 2024 15:15:27 GMT
cache-control: public, max-age=31536000
age: 68589
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06ADUVZwAqBRnQvv17hYiG1KZllq1qYeHeqJWlMynIFNGIjKJr_rlngGWDybL6IUtuvcE1Ua9_xT767yA3qFtxrFE-YVHThX-XKRZtkwZzrWPrRg9qp00RdrvYdlXZ3P9yW1egjasVJ1a5tnrq6ZGnhb2WuVwKEfnqblh5FJD2RkdTtWKwz8NPvsgNTP44cBxzuGNMJpQYOJj7&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.207.228

200 OK

59 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06ADUVZwAqBRnQvv17hYiG1KZllq1qYeHeqJWlMynIFNGIjKJr_rlngGWDybL6IUtuvcE1Ua9_xT767yA3qFtxrFE-YVHThX-XKRZtkwZzrWPrRg9qp00RdrvYdlXZ3P9yW1egjasVJ1a5tnrq6ZGnhb2WuVwKEfnqblh5FJD2RkdTtWKwz8NPvsgNTP44cBxzuGNMJpQYOJj7&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint6B:BC:50:D6:D8:AB:DE:2F:10:C5:BE:7D:98:41:FA:8E:F2:D8:34:C4
ValidityMon, 31 Jul 2023 08:16:44 GMT - Mon, 23 Oct 2023 08:16:43 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
59 kB (59345 bytes)
Hash
f00075a82d222cb329a3bff92b5a4f16
b56ec8fe3661cf931e4a937f53680e690275084b
600decfa2b2d2dd6aff465e440fb5eb856ce0bcfc4ee12847d6317a9f809fda4

HTTP Headers

GET /recaptcha/enterprise/payload?p=06ADUVZwAqBRnQvv17hYiG1KZllq1qYeHeqJWlMynIFNGIjKJr_rlngGWDybL6IUtuvcE1Ua9_xT767yA3qFtxrFE-YVHThX-XKRZtkwZzrWPrRg9qp00RdrvYdlXZ3P9yW1egjasVJ1a5tnrq6ZGnhb2WuVwKEfnqblh5FJD2RkdTtWKwz8NPvsgNTP44cBxzuGNMJpQYOJj7&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AG8ZzsuGlsglOpRCPgs3M2e1NMMNJ4VpsMpUCsR3GEAXwOOIDF66Spth6dTJRlKUutKWzDLqDl2-9ywVSlUcLa0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Fri, 25 Aug 2023 10:18:36 GMT
date: Fri, 25 Aug 2023 10:18:36 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 59345
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 15:12:23 GMT
expires: Thu, 31 Aug 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 68773
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Aug 2023 04:54:45 GMT
expires: Thu, 31 Aug 2023 04:54:45 GMT
cache-control: public, max-age=604800
age: 105831
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=x19joXI_IeQnFJ7YnfDapSZq&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/x19joXI_IeQnFJ7YnfDapSZq/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 11:00:47 GMT
expires: Sat, 26 Aug 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 515869
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

meta-mask.pages.dev/static/js/analytics.js

172.66.46.214

200 OK

50 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/analytics.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1325)
Size
50 kB (49529 bytes)
Hash
876c0f150943aff8b256da31f79ac00e
b54a0b23c420cc5a9e491cbb3817ecdb65e81991
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/analytics.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"7af49b0e9005dd7cd44664c2c372a13b"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3bKXdS1S68zaWg37ZRWNceXz3%2BfOralDIg2OorfFsCg9N%2FaVI%2BqI2yAkrA7%2FyOTxUjinnaLmzyxCTnlLtKS5MOJyd9qhHB7NK4CGLS7uAb5uN7gAN0u7I%2Fn6EwepvY%2FGmRgvqbi6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e29b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/js/enterprise.js

172.66.46.214

200 OK

1.0 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/enterprise.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1011), with no line terminators
Size
1.0 kB (1011 bytes)
Hash
f565ad01ef85ebe1ffbfa97f91a960c4
a8636143698b1981c2f7c482dad7aa2ac07e4ed2
c8767e2f7a52c171fe807dc80a53bc334a0700e9e38ad28245d6e16d9101c26f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/enterprise.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"03d091903411bba3658e88f44bcc1b2e"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LSQ6LA%2BlXKMdMW3ot6ER96cArDqMiGAjY4U6GRuxZIKiSND5rAoYHPJO2s2huTEJoy4HgvJoBy08d6DFBdkAq%2BdhZWC20e0vPjTVKDiFBTS0fb2aUdFyy6pdbBQ7bnikXoV0Nb28"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e2eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/social-35.svg

172.66.46.214

200 OK

602 B

URL GET HTTP/3
meta-mask.pages.dev/static/picture/social-35.svg
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (665), with no line terminators
Size
602 B (602 bytes)
Hash
885efa5a5f2076d86def5755fb4012c9
7e912d4bb0476fed824eb9308d01d974b55b52c1
82ab5f4aece8bba358567f6cbafc0da0640a634140124a1330453996bd47dc71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/social-35.svg HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"ebded59d66804d95f40f10622faa418d"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rAQi%2F6gtfgQbBrnC5FMaPmP9w6XHAU6h5dFoLr9sYsIf59XwdAtbLn3PHpkRyDQ5qcg%2BWYEHNSNpJyQ%2BCl%2Fem7HcoQ5FJcthCSVFvCkONHd%2F0xqkUKxHJKh6QUw5ggLEnrteQJdY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e31b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/js/jquery-3.5.1.min.dc5e7f18c8.js

172.66.46.214

200 OK

90 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/jquery-3.5.1.min.dc5e7f18c8.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:35 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"0d2f10dc66fa6608db7885d7d7595be7"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ojd3Qwx5F0jRJ3ih0A6uQuMHC8N5psybYQBPYq9N9ySJfcOSBHoxqivec4y4qgQEs8PMWt1RHQh1FBp7FIafd60Gqp%2FbOS2E6DyUKk1Im3f1SrSToStbV6AteIr1OUYtkKNCFoWD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e47b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/Browse-illo.svg

172.66.46.214

200 OK

28 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/Browse-illo.svg
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Size
28 kB (28164 bytes)
Hash
afeafb6a9f14bd7771c63015be5a05c9
78683c75d81cf80440f083e9fb4bb2987748e290
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/Browse-illo.svg HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"6134253d571eed060b3bd54dda137272"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9%2Fvhj8qxKUHDD3HZ%2F5l9FnpF5tvmuiI7Fwx3CtGKNTUJJKeM7qZo2ViN9vkiXkUBYg4IgY2nwP8ixeq4uEAJiXx%2BTDhmizodZXEn2OLdzoYOM%2B46LsbPrH4RQz%2BANZs60QY2D2BY"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e35b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.token.im.payloan.biz/images/webclip.png

0.0.0.0

0 B

URL GET
www.token.im.payloan.biz/images/webclip.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://meta-mask.pages.dev/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: www.token.im.payloan.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.17.239.249

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.17.239.249:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:35 GMT
content-type: image/gif
content-length: 35
x-trace: 2BAD380ADDD542CD127BF7480EA79B624E33D20CA7000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 15
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-7f89ffc67f-tkdzf
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: c6efb80d-75d4-4c58-a3e9-88d5e21d3579
x-request-id: c6efb80d-75d4-4c58-a3e9-88d5e21d3579
last-modified: Fri, 25 Aug 2023 10:18:35 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7fc31784aa79b4ee-OSL
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/js/gtag.js

172.66.46.214

200 OK

92 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/gtag.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1896)
Size
92 kB (92548 bytes)
Hash
8565965902198b680974beb4f8006741
3e60fb528c543082cc483acd620b78002e848fbf
28c8a04ee3648c79f7e5b15b1a62a816eb8073a4133bfb69ca291e5972e0f291

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/gtag.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1f02c2275d90227702b906140b3f7560"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWCyawskNE6cEbYo6ghwVVUON7pk2TzglNzolFGYiuZ9u5leuLJl2RI2BvXSHmSN3JqnA%2FPJuTinrLv%2FTbRsHVFLyOCqTpPWxqPK0DL8lkLVRFFkBXEnHjpXscoHJnPiRICoYPVe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e2db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/js/common.js

172.66.46.214

200 OK

1.3 kB

URL GET HTTP/3
meta-mask.pages.dev/static/js/common.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1428), with no line terminators
Size
1.3 kB (1308 bytes)
Hash
3d07c1f2c0c6eaa190f3b3b608e9f317
ea81f374e2b57cbe28ad51a1329b36e2c746cb2c
43d7338798322802e15f0319c43aa8cb3df1754bad216e8ed7571ef7a7321a2e

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/js/common.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"1252053c05ffdec570dfa633c9e2d9a6"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ycQ2sVyyaHq2t8bZA2Mv12hmQQhZGzyftiKBY8nSVzMeaOkrly6HiCY1%2BEm4utNBffl5i%2BNDwiPyAsvlMrsafuEVOGaEzKcvwDP7kj1hQ0pG7y7nv5ke%2BLZK2wmIJ7ATGywgRYfo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e4ab4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/

172.66.46.214

200 OK

43 kB

URL User Request GET HTTP/2
meta-mask.pages.dev/
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type

Size
43 kB (43221 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET / HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5f5d432e867cf1f4c25b03ca314f882f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27FpB1yMhtIGoOmJlzhnmcZReK9Kl3mSTOJElrbVGCyR929drgk042eywkRHlZTJ%2BTQyzVH6lCuFD6f8Nhtjic7lUHxdhcDYR4J4Dr%2FtjYg3mk9puCuYWCSdhi69CrPVSkb43K10"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177a1a700b41-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

meta-mask.pages.dev/js/analytics.js

172.66.46.214

200 OK

0 B

URL GET HTTP/3
meta-mask.pages.dev/js/analytics.js
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /js/analytics.js HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Cookie: _ga=GA1.3.1265384225.1692958706; _gid=GA1.3.984203879.1692958706; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:35 GMT
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"5f5d432e867cf1f4c25b03ca314f882f"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEXvb%2BpCzVV9kM5r3F02EzvKnqygjr%2FMtscTWeMiBKwTxzWUQh8mA8LTxBIRgwzS8JDcJjyG1oJnMyKuMkb8CqjW69qgbrOXo1g%2FS1WG5scXTkwMQTIhAw7qNFwbFubwV44V7MJW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc31780bb8db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

142.250.74.35

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintB4:FE:48:07:8D:40:C5:C8:CB:74:41:13:3F:8E:10:8B:6F:1C:F4:CB
ValidityMon, 31 Jul 2023 08:22:18 GMT - Mon, 23 Oct 2023 08:22:17 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meta-mask.pages.dev
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 19 Aug 2023 10:45:02 GMT
expires: Sun, 18 Aug 2024 10:45:02 GMT
cache-control: public, max-age=31536000
age: 516813
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

meta-mask.pages.dev/static/picture/Explore-illo.svg

172.66.46.214

200 OK

37 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/Explore-illo.svg
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1527)
Size
37 kB (36835 bytes)
Hash
46fb450c5ecf6da758bca0975551f056
629157e884b450ecf5a94d38d736db3c7428245f
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/Explore-illo.svg HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"70edc0e650d6ab7527f8d6944e346bef"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W1iBqLbzQdRPAHvzcTbLYSbyzpQxlhx9lxUF%2F7GtKXKJj93tNRmUJy1W8HwljNBAyxVgQpgf8lSbXBz4MAjdtPv7aVzl5JWi0DxQE9tIWKszHBz2RSbeH8Zin9jJElJS%2FMkhZzkT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e33b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.token.im.payloan.biz/images/mm-shop-hoodie-p-500.png

0.0.0.0

0 B

URL GET
www.token.im.payloan.biz/images/mm-shop-hoodie-p-500.png
IP
0.0.0.0:0
ASN
#0

Requested by
https://meta-mask.pages.dev/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: www.token.im.payloan.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

www.token.im.payloan.biz/images/favicon.ico

0.0.0.0

0 B

URL GET
www.token.im.payloan.biz/images/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://meta-mask.pages.dev/

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: www.token.im.payloan.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

meta-mask.pages.dev/static/picture/mm-logo.svg

172.66.46.214

200 OK

12 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/mm-logo.svg
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/mm-logo.svg HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"60eb7446a63210d2afe5dde637992f63"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vYnpV7XyFHFUc6Wc8B6rj43BbW8WXDzA1Xr89vrjhE7n4rCbrQW5%2FvS1OE7ENCrDVUwLvtSWs6iYZ2WFTN%2FrmheQe3tRnwHkBuCW0mAAiHyn6902kjsLr%2BlQ58tLVUhX6900TZW8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e30b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

meta-mask.pages.dev/static/picture/wallet-illo.svg

172.66.46.214

200 OK

36 kB

URL GET HTTP/3
meta-mask.pages.dev/static/picture/wallet-illo.svg
IP
172.66.46.214:443
ASN
#13335 CLOUDFLARENET

Requested by
https://meta-mask.pages.dev/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintE1:8A:A7:AF:D4:AE:A7:BB:18:88:60:15:62:CA:E4:79:6D:57:C8:63
ValiditySun, 12 Mar 2023 00:00:00 GMT - Mon, 11 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199)
Size
36 kB (36437 bytes)
Hash
63ad7f01f67accd6aafb47999640abe5
5ed10575a1a39d5b02840416a281fb1e655bd423
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /static/picture/wallet-illo.svg HTTP/1.1
Host: meta-mask.pages.dev
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://meta-mask.pages.dev/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Fri, 25 Aug 2023 10:18:34 GMT
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
etag: W/"bf28fdd98178b017969bff160aca3cea"
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QkwyPS1GJ44iv324X1IPjRyCPlFFnh%2F2jIg0UclOGQK2AoceSvBsMzFmHH%2FEEkVZwS46Tlf0%2BJd1a6RPlrApyW8X1k6necr7YbrZ7mhlsD4NFNQ59vZtnqORs2nss3bx8R27vjVb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7fc3177d5e32b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (33)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by