Report - metamask.io.merge.hpmsolutions.ca/

Report Overview

URL

metamask.io.merge.hpmsolutions.ca/
IP

162.55.1.104

ASN

#24940 Hetzner Online GmbH
Submitted

2022-12-26T17:21:04Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

42

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
fonts.gstatic.com (3)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1392	147120	216.58.207.227
ocsp.sca1b.amazontrust.com (1)	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350	1004	143.204.42.88
metamask.io.merge.hpmsolutions.ca (25)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8697	1251671	162.55.1.104
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	35.241.9.150
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
r3.o.lencr.org (7)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2366	6202	23.36.77.32
www.gstatic.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	964	4158	142.250.74.35
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	63469	34.120.237.76
ocsp.pki.goog (4)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1372	2798	142.250.74.131
fonts.googleapis.com (2)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	755	1584	142.250.74.106
ocsp.digicert.com (1)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341	797	93.184.220.29
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	52.89.20.60
cdn.ethers.io (1)	459220	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390	540	54.230.111.14

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-11-30	medium	metamask.io.merge.hpmsolutions.ca/secure.html	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Crypto/Wallet

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/webfont.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/tag.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/enterprise.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/storage.secure.min.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/plx.chock.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/jquery-3.5.1.min.dc5e7f18c8.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/analytics.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/css.html	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/mm-logo.svg	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/webflow.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/EuclidCircularB-Regular-WebXL.woff2	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/EuclidCircularB-Bold-WebXL.woff2	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/secure.html	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/bootstrap-tagsinput.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/script.js	Phishing
2022-12-26	medium	metamask.io.merge.hpmsolutions.ca/meta/js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

HTTP Transactions (57)

URL IP Response Size

metamask.io.merge.hpmsolutions.ca/

162.55.1.104

200 OK

2938

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text

Size

2938
Hash

a2d4bc164ed35f0e8ab9a24a8d78d2ba

23b05632d6673e53091a9423a58cb5c9e287a8cc

f1526c918214e606e6d02f5c5f5ae7a78391de99d09e2d07d70e041dda13ee91

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET / HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Tue, 20 Sep 2022 04:07:28 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2938
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

fb20c18681040b740ab1730562beb45c

abedefb801b0e13987d6619a77e0368771f9dfcb

288c1832db391da57e3d74ffa893ec2c47ef9c1945f85b88473c563b55a3dfb3

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "288C1832DB391DA57E3D74FFA893EC2C47EF9C1945F85B88473C563B55A3DFB3"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4644
Expires: Mon, 26 Dec 2022 18:38:17 GMT
Date: Mon, 26 Dec 2022 17:20:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

9cce060ddc316540d079e6816a1e7412

709a74969d1996d2b35ef0f7f34ae18455169f1e

6d58b895476c9ab451d8fc51df98809adca445bc6e9d720430e80a0c85242879

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6D58B895476C9AB451D8FC51DF98809ADCA445BC6E9D720430E80A0C85242879"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9660
Expires: Mon, 26 Dec 2022 20:01:53 GMT
Date: Mon, 26 Dec 2022 17:20:53 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

30db107dcf4380cef05efea409c2e6a3

96e6a306fbc07299aba64e5c14e2bfca35872fa9

b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 26 Dec 2022 16:46:33 GMT
content-type: application/json
age: 2060
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

b2d59bdbb1ca6324590988ec031cf1fc

bfd4e25af37dcde4bac38d9b178c5ac8e50f8834

cef2180120ef42ff09d54577229c058d41d2c569d485f5a6dcfadc74bf8aa647

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CEF2180120EF42FF09D54577229C058D41D2C569D485F5A6DCFADC74BF8AA647"
Last-Modified: Mon, 26 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9425
Expires: Mon, 26 Dec 2022 19:57:58 GMT
Date: Mon, 26 Dec 2022 17:20:53 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

b1fcd419a4245617397846e8d17233f6

2a037ce244587640b27ead9a0ec2af4f862d91b2

e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: IF0sZQVnFHAWa8aBNZiGR8mywd5Vj30jI0JKgCwsW8uyYbTXZvi3FsxGYVRYZxp5j62e3wPyvok=
x-amz-request-id: 0VWY3PQM4JV1MX2X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 26 Dec 2022 16:55:24 GMT
age: 1529
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

metamask.io.merge.hpmsolutions.ca/meta/normalize.css

162.55.1.104

200 OK

2633

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/normalize.css
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

2633
Hash

74b55c54efadbc58b06a6042cc858472

127ffb851c8bb77bf00de3280d0e078571704de7

435035717bcd1da635fd11e9d0d22c40d2753c48383b1728f66bfd1607bcd54a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/normalize.css HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Dec 2021 18:30:38 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2633
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/webflow.css

162.55.1.104

200 OK

9350

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/webflow.css
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

Unicode text, UTF-8 text, with very long lines (2587)

Size

9350
Hash

d143e827e4004f5af028b3c37e3748dd

7531565e84fd2011b5ca8a9b179ecdd4b65d89b6

f425ff60551250b2f1dc6a40d92d5ab84847781d370740a945b6b8f1866c4e84

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/webflow.css HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Dec 2021 18:30:46 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 9350
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Mon, 26 Dec 2022 17:20:53 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

metamask.io.merge.hpmsolutions.ca/meta/webfont.js

162.55.1.104

200 OK

5431

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/webfont.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (2134)

Size

5431
Hash

f2e75ef01e8ce9b37cec75250d84e8bf

76e367a654e7cdaa51872ab26a31eb96605b4544

4a40bdcd270c0a713cc75ff940ab738302bb466ad84bd39780d96dfb77bfedde

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/webfont.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:46 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5431
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/tag.js

162.55.1.104

200 OK

7583

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/tag.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (21652), with no line terminators

Size

7583
Hash

030e152d0cbf5d9c345726676e20f490

d39cd836763535ada905adb47e4d028a80f51849

01cb61852e9ab6166e2651c568c84e93d2dd80a7296b26d2f0539e5dc614787f

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/tag.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:44 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 7583
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

508c2c991a10f5f048c213f732698d4c

5a43bb96597ada2c1a16fb35c6cd74529bb306c4

bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 17:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io.merge.hpmsolutions.ca/meta/enterprise.js

162.55.1.104

200 OK

617

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/enterprise.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (1008), with no line terminators

Size

617
Hash

d81ef5cb351ba48ede3354fa5248ce44

9a08bcf54317bb24610116e0650b520b32dcb7e3

69e117e70a745175180e8c577cec146b059da38bfd77265a8544cfc78a51e32b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/enterprise.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:24 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 617
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/metamask-staging-2.webflow.css

162.55.1.104

200 OK

17590

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/metamask-staging-2.webflow.css
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

17590
Hash

53ff35d49ab5d2089b65f13389233f86

cf1714af3125e0fc6b07408fa4269ab003baa162

509ea7e5aac1909a1a0b328b497e47f04cd10eaa3927e65a37cf1900bea5996f

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: text/css
Last-Modified: Wed, 22 Dec 2021 18:30:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 17590
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/storage.secure.min.js

162.55.1.104

200 OK

13331

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/storage.secure.min.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (38562), with no line terminators

Size

13331
Hash

3d92102abedfdb24487dce53034d530b

98a4881577f81b625bc08bf33331295fd996df48

b6df362a0fb0fa4eb5c3e8724f44a5a483550e971d2ff3131c82efcfb7d262a2

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/storage.secure.min.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:42 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 13331
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/plx.chock.js

162.55.1.104

200 OK

312

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/plx.chock.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

312
Hash

f8a281c232ca490b0fb6a69a0a69aa93

8586880ea6c9a49dd4b2b45ee6f7eff01c5c7683

4acac0377cad7da2cbf6e18c4e9096e95484429bf4589b472bbc276c43b6110e

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/plx.chock.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:38 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 312
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/jquery-3.5.1.min.dc5e7f18c8.js

162.55.1.104

200 OK

30970

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/jquery-3.5.1.min.dc5e7f18c8.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (65451)

Size

30970
Hash

21ab05a6dc4822c20e4f8e617d59503e

0431002ed053581f86ceeca6589f3b3fc039d1ee

d55c3c4566cd69b2af1ac0ef1f24f7d9e781bd67701c2e84a2300a8464636b34

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:32 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 30970
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/analytics.js

162.55.1.104

200 OK

20110

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/analytics.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (1325)

Size

20110
Hash

f6172b83fb5bcd8fadd246270f6e7948

910ba56b59eac08dd3461bbf81a19378028b2664

62559499e80252ed5f16b8d9972825db8479ad069a5f3e63a82c37a0d9d4ce91

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/analytics.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 20110
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/css.html

162.55.1.104

200 OK

274

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/css.html
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

274
Hash

a0a15fba936f518c2c1c071b0089c64c

6f8526c13dda4943229b9535931f8a6fd169da3a

6e9864f7491582647d88fee2b9503d22fc8735f673bb9be1809437c11af8af96

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/css.html HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Content-Type: text/html
Last-Modified: Wed, 22 Dec 2021 18:30:22 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 274
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

508c2c991a10f5f048c213f732698d4c

5a43bb96597ada2c1a16fb35c6cd74529bb306c4

bdf5e18cacb564fe4be4448d268ecee27b7139b91109b6d0727f2b809c6b5f3f

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 17:20:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io.merge.hpmsolutions.ca/meta/wpp.gif

162.55.1.104

200 OK

3877

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/wpp.gif
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

GIF image data, version 87a, 470 x 40\012- data

Size

3877
Hash

941648b845842a709da73e24652cf8a4

099e5f97e602d026c51537c9b45328dc99261d7c

2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/wpp.gif HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: image/gif
Last-Modified: Wed, 22 Dec 2021 18:30:48 GMT
Accept-Ranges: bytes
Content-Length: 3877
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/mm-logo.svg

162.55.1.104

200 OK

3289

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/mm-logo.svg
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)

Size

3289
Hash

75536fc9d6e2f24b5d4a43206f59daea

d6b451451650bb4028e6e36562cf590370534324

1fec7292d135f29856c58b107c76d144f532a9a3b5d36acefa89ae4e3e990c61

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/mm-logo.svg HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: image/svg+xml
Last-Modified: Wed, 22 Dec 2021 18:30:36 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3289
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

301

URL HTTP/1.1

fonts.googleapis.com/css?family=Changa+One:400,400italic
IP

142.250.74.106:0
ASN

#15169 GOOGLE

Magic

ASCII text

Size

301
Hash

7fb212f619185f162769684274cb1dfe

414b678cfcbcd25c44569e72369a8218bea8756d

d53161ae9523414449dd0f7083f66fda679084bac2cb18a92b884a43616c1fd5

HTTP Headers

                                        GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Mon, 26 Dec 2022 17:20:53 GMT
Date: Mon, 26 Dec 2022 17:20:53 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff

metamask.io.merge.hpmsolutions.ca/meta/webflow.js

162.55.1.104

200 OK

147063

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/webflow.js
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

Unicode text, UTF-8 text, with very long lines (50020)

Size

147063
Hash

8a4663ee78192e5c9506c2a338ce7723

dba17ca619195bfb7ff1a1b55d196bff2029b89f

f2892479732a4c07ecece62f4c8f12fd9ade7fab06766368a9c87f3bbe96dd59

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/webflow.js HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: application/javascript
Last-Modified: Wed, 22 Dec 2021 18:30:46 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 147063
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7900

URL HTTP/1.1

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP

216.58.207.227:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data

Size

7900
Hash

61e86e7a20ecf3ba181ca4b9a9a1cdbd

482a65cffc69109af26669d64accbef71db3b836

fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

                                        GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.hpmsolutions.ca
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7900
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 20 Dec 2022 21:47:45 GMT
Expires: Wed, 20 Dec 2023 21:47:45 GMT
Cache-Control: public, max-age=31536000
Age: 502388
Last-Modified: Thu, 21 Apr 2022 17:15:19 GMT
Content-Type: font/woff2

metamask.io.merge.hpmsolutions.ca/meta/EuclidCircularB-Regular-WebXL.woff2

162.55.1.104

200 OK

45196

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/EuclidCircularB-Regular-WebXL.woff2
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data

Size

45196
Hash

2d75957df3bb3aa6ed84f6591b0d5a1a

906424e75625f63b0188471067065794d0348536

8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/meta/metamask-staging-2.webflow.css

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: font/woff2
Last-Modified: Wed, 22 Dec 2021 18:30:26 GMT
Accept-Ranges: bytes
Content-Length: 45196
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/meta/EuclidCircularB-Bold-WebXL.woff2

162.55.1.104

200 OK

44544

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/EuclidCircularB-Bold-WebXL.woff2
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data

Size

44544
Hash

9024d0bf73943172297c4628d0054e20

36c3795e7b297d06589e15ef59592683d9ed0974

88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

                                        GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/meta/metamask-staging-2.webflow.css

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: font/woff2
Last-Modified: Wed, 22 Dec 2021 18:30:26 GMT
Accept-Ranges: bytes
Content-Length: 44544
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8404

URL HTTP/1.1

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP

216.58.207.227:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data

Size

8404
Hash

141119ae119bf7ca75e10ef82f66e442

adebf435aa078db3c116cb9faae15f2ad81d3ac5

c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

                                        GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.hpmsolutions.ca
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 20 Dec 2022 02:33:07 GMT
Expires: Wed, 20 Dec 2023 02:33:07 GMT
Cache-Control: public, max-age=31536000
Age: 571667
Last-Modified: Thu, 21 Apr 2022 17:15:41 GMT
Content-Type: font/woff2

metamask.io.merge.hpmsolutions.ca/meta/hero2.4.png

162.55.1.104

200 OK

589568

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/meta/hero2.4.png
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data

Size

589568
Hash

d0ec70f4c666fbf6ad0d30a52d08c5c9

e48f0688bc4f592824840478d12c05df0dd12002

3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/hero2.4.png HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/meta/metamask-staging-2.webflow.css

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:53 GMT
Content-Type: image/png
Last-Modified: Wed, 22 Dec 2021 18:30:30 GMT
Accept-Ranges: bytes
Content-Length: 589568
Date: Mon, 26 Dec 2022 17:20:53 GMT
Server: LiteSpeed

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 26 Dec 2022 16:33:30 GMT
age: 2844
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

7f2ed0d8a18af500682ec994cd3a5e15

48032c29ccc60c09f0c003042d059e83ea493ecb

8c49d81420b293298bd75222f60fbc608c322b36944963d93b6a15b12bcb0e8b

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 17:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io.merge.hpmsolutions.ca/images/webclip.png

162.55.1.104

200 OK

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/images/webclip.png
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /images/webclip.png HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:54 GMT
Content-Type: image/png
Last-Modified: Thu, 23 Dec 2021 00:03:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Date: Mon, 26 Dec 2022 17:20:54 GMT
Server: LiteSpeed

metamask.io.merge.hpmsolutions.ca/images/favicon.png

162.55.1.104

200 OK

URL HTTP/1.1

metamask.io.merge.hpmsolutions.ca/images/favicon.png
IP

162.55.1.104:0
ASN

#24940 Hetzner Online GmbH

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

                                        GET /images/favicon.png HTTP/1.1
Host: metamask.io.merge.hpmsolutions.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Mon, 02 Jan 2023 17:20:54 GMT
Content-Type: image/png
Last-Modified: Thu, 23 Dec 2021 00:03:30 GMT
Accept-Ranges: bytes
Content-Length: 0
Date: Mon, 26 Dec 2022 17:20:54 GMT
Server: LiteSpeed

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

68ee4e2891b5a52719997e4ef8cb7aab

ae2e49eff010551d7f3dcf005a51530ee2910480

2bae50a834a34f248f6a79cf6f191dcf709c24b884f2d3da7fa43985c6b2d48b

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2857
Cache-Control: max-age=146011
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 17:20:54 GMT
Etag: "63a96428-1d7"
Expires: Wed, 28 Dec 2022 09:54:25 GMT
Last-Modified: Mon, 26 Dec 2022 09:06:48 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.89.20.60

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

52.89.20.60:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: UlmOL9nhxHfeKe2ac8dS9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GZZGsZHVe7H7W/XZxu+OA/fBqig=

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.35

404 Not Found

1621

URL HTTP/2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)

Size

1621
Hash

c90524d6a02b27addb56c350fe6fbb2d

d713d1b53323c0169ffe0649be8c9d04a189f999

4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

                                        GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamask.io.merge.hpmsolutions.ca
Connection: keep-alive
Referer: http://metamask.io.merge.hpmsolutions.ca/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 26 Dec 2022 17:20:54 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

a4887aa0a07d726c889d8dfbddc359c6

83658ae9db1abb14fb2b869bf451caa97ef58e4d

085603732bde2eb04b81ae99e116350593ad282d21e81bfd624c0f9543247cd9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Dec 2022 17:20:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5b2790419bb1f19fd29300d548278b98

64671f1c88a1271e9bcda28ac13a01e330a2a07e

1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4274
Expires: Mon, 26 Dec 2022 18:32:09 GMT
Date: Mon, 26 Dec 2022 17:20:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5b2790419bb1f19fd29300d548278b98

64671f1c88a1271e9bcda28ac13a01e330a2a07e

1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4274
Expires: Mon, 26 Dec 2022 18:32:09 GMT
Date: Mon, 26 Dec 2022 17:20:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

5b2790419bb1f19fd29300d548278b98

64671f1c88a1271e9bcda28ac13a01e330a2a07e

1ce1ca2a9d6783fa668b57c8764e8c3a17fde26812161af8ce8096b3691b9279

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1CE1CA2A9D6783FA668B57C8764E8C3A17FDE26812161AF8CE8096B3691B9279"
Last-Modified: Sun, 25 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4274
Expires: Mon, 26 Dec 2022 18:32:09 GMT
Date: Mon, 26 Dec 2022 17:20:55 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

#1 JS:Script (size: 21104)

#2 JS:Script (size: 303580)

#3 JS:Script (size: 2386)

#4 JS:Script (size: 50205)

#5 JS:Script (size: 69)

#6 JS:Script (size: 92325)

#7 JS:Script (size: 253)

#8 JS:Script (size: 13188)

#9 JS:Script (size: 250)

#10 JS:Script (size: 1008)

#11 JS:Script (size: 601104)

#12 JS:Script (size: 21652)

#13 JS:Script (size: 38562)

#14 JS:Script (size: 3393)

#15 JS:Script (size: 89476)

HTTP Transactions (57)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size