Report - mymetamask-support.xyz/secure.php

Report Overview

Submitted URL
mymetamask-support.xyz/secure.php
IP
169.239.129.37
ASN
#61138 Zappie Host LLC
Submitted
2023-05-22 12:40:14
Access
public
Website Title
Final URL
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
26
Network Intrusion Detection
0
Threat Detection Systems
64

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
forms.hsforms.com	5160	2013-09-18	2018-03-07	2023-05-22	487 B	3.2 kB	104.17.211.243
metamask.io	81413	2015-07-02	2015-11-15	2023-05-21	868 B	34 kB	185.199.111.153
perf.hsforms.com	10768	2013-09-18	2020-07-03	2023-05-22	501 B	1.1 kB	104.17.211.243
mymetamask-support.xyz	unknown	2023-05-17	2023-05-18	2023-05-21	17 kB	1.7 MB	169.239.129.37
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-22	911 B	10 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-22	5.4 kB	261 kB	216.58.207.227
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-22	660 B	1.9 kB	172.64.155.188
www.google.com	7	1997-09-15	2015-05-10	2023-05-21	5.2 kB	146 kB	142.250.74.164
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-22	2.3 kB	4.9 kB	142.250.74.131
accdn.lpsnmedia.net	3410	2010-08-04	2014-02-08	2023-05-21	1.5 kB	208 kB	178.249.97.99
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-22	7.7 kB	714 kB	142.250.74.99
lpcdn.lpsnmedia.net	3501	2010-08-04	2014-04-27	2023-05-21	1.2 kB	58 kB	178.249.97.98
js.hsforms.net	7264	2013-09-18	2013-09-26	2023-05-22	950 B	543 kB	104.16.184.65

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-05-22	medium	mymetamask-support.xyz/secure.php

PhishTank

Scan Date	Severity	Indicator	Alert
2023-05-22	medium	mymetamask-support.xyz/secure.php

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-22	medium	mymetamask-support.xyz/secure.php
2023-05-22	medium	mymetamask-support.xyz/
2023-05-22	medium	mymetamask-support.xyz/meta/css
2023-05-22	medium	mymetamask-support.xyz/meta/plx.chock.js
2023-05-22	medium	mymetamask-support.xyz/meta/webfont.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/tag.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/analytics.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/enterprise.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
2023-05-22	medium	mymetamask-support.xyz/
2023-05-22	medium	mymetamask-support.xyz/meta/js
2023-05-22	medium	mymetamask-support.xyz/meta/recaptcha__nl.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/storage.secure.min.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/jsonp
2023-05-22	medium	mymetamask-support.xyz/meta/v2.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/webflow.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
2023-05-22	medium	mymetamask-support.xyz/meta/mm-logo.svg
2023-05-22	medium	mymetamask-support.xyz/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
2023-05-22	medium	mymetamask-support.xyz/meta/EuclidCircularB-Regular-WebXL.woff2
2023-05-22	medium	mymetamask-support.xyz/meta/EuclidCircularB-Bold-WebXL.woff2
2023-05-22	medium	mymetamask-support.xyz/meta/saved_resource.html
2023-05-22	medium	mymetamask-support.xyz/meta/anchor.html
2023-05-22	medium	mymetamask-support.xyz/meta/saved_resource(1).html
2023-05-22	medium	mymetamask-support.xyz/meta/bframe.html
2023-05-22	medium	mymetamask-support.xyz/meta/recaptcha__nl.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/recaptcha__nl.js.download
2023-05-22	medium	mymetamask-support.xyz/meta/saved_resource(2).html
2023-05-22	medium	mymetamask-support.xyz/meta/anchor.html
2023-05-22	medium	mymetamask-support.xyz/meta/bframe.html

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (46)

	URL	Size	First Seen	Last Seen
	mymetamask-support.xyz/secure.php	73 B	2023-03-07	2024-04-06
Pretty URL mymetamask-support.xyz/secure.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:43 Last Seen2024-04-06 20:09:38 Times Seen403 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	js.hsforms.net/forms-next/shell-recaptcha	540 B	2023-04-05	2024-04-12
Pretty URL js.hsforms.net/forms-next/shell-recaptcha IP 104.16.184.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:29:16 Last Seen2024-04-12 19:27:19 Times Seen150 Hash 0ef8295b6b00040322f2dcbc2dad3a7b 3c3f471eb10ddba84126b623484930b3c99a8014 8f6e0ed5457a4e0086d8f5754cf5beb474f716ed08184676d4768c88bffb2c63 Loading...

	www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js	418 kB	2023-05-18	2023-06-28
Pretty URL www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js IP 142.250.74.99 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 01:27:56 Last Seen2023-06-28 00:20:35 Times Seen22262 Hash 213e1a6e418f3df36f2ec077314ef525 7a553e545a48271f3afec47b3ed5f3518cfdd7b4 ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d Loading...

	mymetamask-support.xyz/secure.php	181 B	2023-03-07	2024-04-25
Pretty URL mymetamask-support.xyz/secure.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:43 Last Seen2024-04-25 11:01:36 Times Seen3756 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	3.4 kB	2023-05-22	2023-06-18
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 14:40:19 Last Seen2023-06-18 18:52:05 Times Seen3 Hash ef6c84b62ef411d251d37363fec02f4a 5840ba2a8552dc2d757361751b24ecca48d5152a b9b8e7b2a9bdd935f680821d0e8dedf613a1534fd995cdc7f42a0d5af25fefb8 Loading...

	mymetamask-support.xyz/meta/webfont.js.download	13 kB	2023-03-07	2024-04-25
Pretty URL mymetamask-support.xyz/meta/webfont.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-25 11:01:38 Times Seen22396 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	mymetamask-support.xyz/meta/plx.chock.js	3.4 kB	2023-03-07	2024-04-02
Pretty URL mymetamask-support.xyz/meta/plx.chock.js IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-02 06:38:24 Times Seen660 Hash 5acfeead7d13511cdef767305b87e3f8 ec5337e62f1e64d3aaba3bf41a41b5f876964922 b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246 Loading...

	mymetamask-support.xyz/meta/enterprise.js.download	1.0 kB	2023-03-07	2024-04-12
Pretty URL mymetamask-support.xyz/meta/enterprise.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-12 19:27:20 Times Seen572 Hash d07e7630bc23cbdd7520d0a4f086c922 b50685923a96d55109959fdf21f369d902971b2a 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2 Loading...

	mymetamask-support.xyz/meta/storage.secure.min.js.download	39 kB	2023-03-07	2024-04-12
Pretty URL mymetamask-support.xyz/meta/storage.secure.min.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen657 Hash 3386ec5559f1ba569cf0ab6acab436cc e98e11d37c5172ee128a85f68447efb3cb0e853c 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73 Loading...

	js.hsforms.net/forms/v2.js	539 kB	2023-05-18	2023-05-23
Pretty URL js.hsforms.net/forms/v2.js IP 104.16.184.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 13:36:27 Last Seen2023-05-23 10:56:47 Times Seen149 Hash 1d656df477d6edca6241500e32135a70 66db6eb2d28f2c35a198d945a2a65de6f517a913 5ec1775c9dd3e265b5199c3661b38cae053affae10152beb5a6a1217bf4668f4 Loading...

	mymetamask-support.xyz/meta/recaptcha__nl.js.download	354 kB	2023-03-07	2024-04-12
Pretty URL mymetamask-support.xyz/meta/recaptcha__nl.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-12 19:27:20 Times Seen583 Hash e735084e8ffed1ad8d89df08d98d4d23 6cdab8dac12030c8bc980ec129affecc626285c3 6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b Loading...

	mymetamask-support.xyz/meta/analytics.js.download	50 kB	2023-03-07	2024-04-18
Pretty URL mymetamask-support.xyz/meta/analytics.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-18 21:14:10 Times Seen840 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	mymetamask-support.xyz/secure.php	164 B	2023-03-07	2024-04-06
Pretty URL mymetamask-support.xyz/secure.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:09:39 Times Seen296 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit	1.0 kB	2023-05-20	2023-05-25
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 01:57:07 Last Seen2023-05-25 20:35:39 Times Seen28 Hash ac459b16a2293671fc32543b590b5fd1 8dddce81e27fd60e82befe9c263f2e4d71f53eaf 9c94074f205af8c20e34c994f21fc657bb0f9fdbbabdb1aa9fd1e7abd35cac1b Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true	39 kB	2023-03-07	2024-03-12
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-12 06:48:19 Times Seen234 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3	75 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-25 13:26:25 Times Seen10371 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-25
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-25 13:15:29 Times Seen341549 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	mymetamask-support.xyz/sandbox%20eval%20code	147 B	2023-04-11	2024-04-25
Pretty URL mymetamask-support.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-25 13:15:29 Times Seen342046 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	mymetamask-support.xyz/meta/js	92 kB	2023-03-07	2024-03-12
Pretty URL mymetamask-support.xyz/meta/js IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:36 Last Seen2024-03-12 06:48:21 Times Seen508 Hash fb2ab9b8632250b0d7aa50c08150cfe1 73b3f266ac08c9fb07e1de1664fed384ccd5bc86 5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3	43 kB	2023-05-22	2023-05-22
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3 IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen1 Hash 4152ffdc2705908b13e1ec313eae600e 18e9b27833753ef911fdd45cb219e53a22285673 a9c61cd19915a5728da90c88870771bde39d202d55e261c87f97ac330e86769f Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	0 B	2023-03-07	2024-04-25
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 13:29:29 Times Seen37063394 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	mymetamask-support.xyz/meta/tag.js.download	22 kB	2023-03-07	2024-04-12
Pretty URL mymetamask-support.xyz/meta/tag.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen539 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	mymetamask-support.xyz/meta/webflow.js.download	601 kB	2023-03-07	2024-04-12
Pretty URL mymetamask-support.xyz/meta/webflow.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:36 Last Seen2024-04-12 19:27:20 Times Seen596 Hash 9758f7e3aa0c79ea7a3cadb16d10087b 07f3c4e552e28eba6172f53d6dcf981a55f42031 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d Loading...

	mymetamask-support.xyz/secure.php	1.8 kB	2023-03-07	2024-04-02
Pretty URL mymetamask-support.xyz/secure.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 17:55:49 Last Seen2024-04-02 06:38:23 Times Seen241 Hash 8b1fb904d189e68aaf32a2223915fdfd d1a510fab3db50f7482275581d2171914e1d6631 c1863d7b43731c0cb9a160099c3fa80215e0b0966f27061f78eb6af1da84f026 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv	44 kB	2023-05-22	2023-05-22
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv IP 142.250.74.164 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen1 Hash 6214789320f20c8606745a9da653f2c6 c4a5337f68539e478f7fcd67e56cc43601ee54db 12399a740b992082fb3d0c05ffc84549c868f8971d022004bbf4dde44e4f2334 Loading...

	mymetamask-support.xyz/secure.php	116 B	2023-03-07	2024-04-06
Pretty URL mymetamask-support.xyz/secure.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:05:07 Times Seen234 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	mymetamask-support.xyz/meta/v2.js.download	579 kB	2023-03-09	2024-04-12
Pretty URL mymetamask-support.xyz/meta/v2.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:20 Times Seen197 Hash d3b2366c9977c975fc6abdc6a119c361 ed6031ba0b0efe5b77acd0382f8d647f2cc88018 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25 Loading...

	mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download	90 kB	2023-03-07	2024-04-25
Pretty URL mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 13:15:30 Times Seen139115 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	mymetamask-support.xyz/meta/anchor.html	33 kB	2023-03-09	2024-04-12
Pretty URL mymetamask-support.xyz/meta/anchor.html IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen129 Hash 27fe4cb47aa233ddd8165960b6d65929 11cc82d6e20cc46d88bacc3ed4bfb3f24bbf4b3b 692d9a7342c1fcb4c0417afee37d21695396088ca85a5a29f116f63189e0c595 Loading...

	mymetamask-support.xyz/meta/bframe.html	175 B	2023-03-07	2024-04-12
Pretty URL mymetamask-support.xyz/meta/bframe.html IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:36 Last Seen2024-04-12 19:27:19 Times Seen275 Hash 117ee3a6ec35b36713c5e48205ff5fce 8f892b6a14a32c6e5e1cf000d06b18535a7b6238 7317f1aa4ede14314da978897b86477afe5fbc7b634899c0e33a740ca235e675 Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb60699x83728	113 B	2023-05-22	2023-05-22
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb60699x83728 IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen1 Hash 5bbe1cfa596c793c1d3e43bc4c9d45ed e16a01866109d98331c50b65bd1900fb3c0a4ef8 6b4035e95c8f00b72bb483fd45b74342fdb69ee80ebb6ff5915c5fb6131669d1 Loading...

	mymetamask-support.xyz/secure.php	184 B	2023-03-07	2024-04-06
Pretty URL mymetamask-support.xyz/secure.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:20 Last Seen2024-04-06 20:09:39 Times Seen261 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	5.8 kB	2023-05-22	2023-05-22
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.17.211.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen2 Hash 1e1e15ac850b90127559c1507154c3cf 015026a1851752208e1fcc1fe7b5a6c077875aa3 6d7f6881b81705ca667d0d5bfa324bd26a441311e0df10a0a7e0906afe29c434 Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb50088x98054	6.5 kB	2023-05-22	2023-05-22
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb50088x98054 IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen1 Hash 914ce6c4f0e9b50da1bd69923cc16884 fb1283d8eeb8b7b42866e3c4037948b4a92f6c0f af92e5438f1933cd00a2363e3184514e5f201276d6455143454965bde6ff4975 Loading...

	mymetamask-support.xyz/meta/jsonp	278 kB	2023-03-07	2024-03-12
Pretty URL mymetamask-support.xyz/meta/jsonp IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-03-12 06:48:21 Times Seen411 Hash 7efac8c0fa8e30db7a423500ef59abab be73717f776f24dd31498c27a1b02b784570d5bb 102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d Loading...

		Size	First Seen	Last Seen
	#1 Eval - dd218a03e16729e0792ad3fea308bec0	60 B	2023-05-12	2023-06-04
Pretty Observations First Seen2023-05-12 05:33:29 Last Seen2023-06-04 08:54:06 Times Seen2669 Hash dd218a03e16729e0792ad3fea308bec0 012409519e7436de9aee4c98b5f5af7d3293fbc6 e9ff506439f6ac4d101d6665c191952c8b5820471f2380d5ebc4404f640af16a Loading...

	#2 Eval - 76bd97bf52d9f212de4b01cc3663929c	22 B	2023-05-12	2023-06-04
Pretty Observations First Seen2023-05-12 05:33:29 Last Seen2023-06-04 08:54:06 Times Seen2674 Hash 76bd97bf52d9f212de4b01cc3663929c 50008cfd646dfade4c2573e9115a2abbc852654d 2242c524d1948a40b0ed6d077f310346cf9c48553a78fb5d93d06b72e1ae583f Loading...

	#3 Eval - ad65f17d4c741d9a993850eef7a0180c	23 kB	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen1 Hash ad65f17d4c741d9a993850eef7a0180c 223ceae4a9ce16b23ff7675ab4b4262b017c627d e51fb211dfbaef2833e8122048423134e65a45b42b830e9ad858ba74510cfc3b Loading...

	#4 Eval - 272eb139968a9665de1db4beccf568d2	22 B	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen106 Hash 272eb139968a9665de1db4beccf568d2 e6505fdd0680c557e102b20212d31942c7d24429 26ef4c313a8ffd1b7fc79977328690a19336ac1187fa07d9cfc3a8327f5a08ba Loading...

	#5 Eval - 8239ee6044ad7e817a1f26d19412f6eb	22 B	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:34 Last Seen2024-04-12 19:27:19 Times Seen105 Hash 8239ee6044ad7e817a1f26d19412f6eb 7116e217d05810b609ff09ac21e2c6097f14484c df78f0db59a013604da430bf67714a0445ddb583f42925592cfed1774716374d Loading...

	#6 Eval - eb94905b9da3f67da3f000d1bb6efbde	64 B	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen106 Hash eb94905b9da3f67da3f000d1bb6efbde 1d3286e8759266d0f632990a00153ac614ca6c39 ef56a8332ced72dcd8b9a2756ce1fe129be6db47ca4863412b51e8028a9d1eb2 Loading...

	#7 Eval - 92fe811482ac711520fcb294d7ae95ef	22 B	2023-05-12	2023-06-04
Pretty Observations First Seen2023-05-12 05:33:29 Last Seen2023-06-04 08:54:06 Times Seen2670 Hash 92fe811482ac711520fcb294d7ae95ef dbb6d44eaf5960318bfe4272a1ce8b43c216e83e c8f1f179ceed97beb5263d479c7ffbc831a3c9bdf96710a9d813897b9baa6896 Loading...

	#8 Eval - f10eeb1daf9c0310a370446d53d7f820	18 kB	2023-05-22	2023-05-22
Pretty Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-22 14:40:19 Times Seen1 Hash f10eeb1daf9c0310a370446d53d7f820 ff33848ed1c58ebb50423a1b0439e17d5fb8983c e05dad974b92243b6154f04dda728aa995c9d462995e3525cb2dc6bae8537c51 Loading...

	#9 Eval - eb66c1f359d05f217871011ea549a977	16 kB	2023-05-12	2023-06-04
Pretty Observations First Seen2023-05-12 05:33:29 Last Seen2023-06-04 08:54:06 Times Seen2674 Hash eb66c1f359d05f217871011ea549a977 17f76e196a2bfa1109ead9f3d2d98b21f6e86483 1e1134f23ffcb2ec23795ae6c285c26b5e77d89d86b4830280879514f6466bc1 Loading...

	#10 Eval - 15760900e488ec647450f20eeaa49944	15 kB	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen106 Hash 15760900e488ec647450f20eeaa49944 208ad236b244f8adbd138cda9ad9f7f1d4e7758e 90d9c75dc0b4578e5468206d805353952b0a650c707ac7f9632b29f3694c1dff Loading...

	#11 Eval - 85ad98825c102aa5723b0a85c075a06d	18 kB	2023-05-22	2023-05-31
Pretty Observations First Seen2023-05-22 14:40:19 Last Seen2023-05-31 12:04:50 Times Seen4 Hash 85ad98825c102aa5723b0a85c075a06d 8df4a5a8f66f3d778a12f9efa75f1c9601f30aa7 bbff2b1cf200684d4a8e61b1b6048cfa89695279ac36940bb0bf84fa51ef3a90 Loading...

HTTP Transactions (91)

URL IP Response Size

mymetamask-support.xyz/secure.php

169.239.129.37

200 OK

5.7 kB

URL User Request GET HTTP/1.1
mymetamask-support.xyz/secure.php
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Size
5.7 kB (5653 bytes)
Hash
6bbcf11267a8a4c0c39ea1d7c0244d14
c5994381f7efc01db89bc1487dea824b409f9f67
7265b0b6ab417322a8ef0606f027b715987173f07f1a3868c335629e7f54a18b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
phishtank	Other
fortinet	Phishing

HTTP Headers

GET /secure.php HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:51 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5653
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

mymetamask-support.xyz/

169.239.129.37

327 B

URL
mymetamask-support.xyz/
IP
169.239.129.37:0
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
327 B (327 bytes)
Hash
aa7338f0de3188f1776fa6b20a4aba05
db4603d04ed7d1d01b7fd68f8915b9ba02104ccc
caf914acdf6f2c2a2bf28e263888473b2520989794fee0c7b37427054e2ef491

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://mymetamask-support.xyz/
Content-Length: 327
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8d1ffc63ece540992319c6f7637db168
b84a5580317750f11fea9fb0ca41710c88e66d38
905441c3ec5505f8196be1b4c4123cd1862bc6f03ce2bc5cf5fe37b21e07c907

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mymetamask-support.xyz/meta/normalize.css

169.239.129.37

200 OK

2.7 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/normalize.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
2.7 kB (2659 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/normalize.css HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:05 GMT
ETag: "1e5c-5fc219d37cacf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2659
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

812 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
gzip compressed data, max compression\012- data
Size
812 B (812 bytes)
Hash
4eace4ac3c88bf45cfcd93703862b8e1
e45bccc3a10f43d6e7b637fe41e3f4e030db9a28
f428114f29b47c8d90d3fd91dbcc449528c773422b971f355abc0394ecf5c2b7

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 12:39:54 GMT
date: Mon, 22 May 2023 12:39:54 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mymetamask-support.xyz/meta/webflow.css

169.239.129.37

200 OK

9.3 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/webflow.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.3 kB (9294 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/webflow.css HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:24 GMT
ETag: "98c5-5fc219e55ad49-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9294
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

mymetamask-support.xyz/meta/css

169.239.129.37

200 OK

684 B

URL GET HTTP/1.1
mymetamask-support.xyz/meta/css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/css HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:42 GMT
ETag: "2ac-5fc219bdca10d"
Accept-Ranges: bytes
Content-Length: 684
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

mymetamask-support.xyz/meta/plx.chock.js

169.239.129.37

200 OK

311 B

URL GET HTTP/1.1
mymetamask-support.xyz/meta/plx.chock.js
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
311 B (311 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/plx.chock.js HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:07 GMT
ETag: "d41-5fc219d5e4e0c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 311
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mymetamask-support.xyz/meta/webfont.js.download

169.239.129.37

200 OK

5.4 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/webfont.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5415 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/webfont.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:25 GMT
ETag: "3384-5fc219e6d3c73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5415
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mymetamask-support.xyz/meta/metamask-staging-2.webflow.css

169.239.129.37

200 OK

18 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
18 kB (17647 bytes)
Hash
ba952defcfea60e6655d055e0e3d7588
1be55967c320384267f3b43366c2842bb45b7946
eb28270feafcfa2eb9c5dcd16142555152d9619bfc1682a6da38cd78f646e6fd

HTTP Headers

GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:00 GMT
ETag: "22b37-5fc219ceb1275-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17647
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

mymetamask-support.xyz/meta/tag.js.download

169.239.129.37

200 OK

7.5 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/tag.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.5 kB (7541 bytes)
Hash
e2ee8a9cd68c3d310a4c62fdb4b5c93a
67eb5f9547f1d9de0a8b143c3b50511c26281399
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/tag.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:20 GMT
ETag: "5494-5fc219e210119-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7541
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

mymetamask-support.xyz/meta/analytics.js.download

169.239.129.37

200 OK

20 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/analytics.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (1325)
Size
20 kB (20042 bytes)
Hash
d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/analytics.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:37 GMT
ETag: "c41d-5fc219b89ed79-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20042
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

mymetamask-support.xyz/meta/enterprise.js.download

169.239.129.37

200 OK

614 B

URL GET HTTP/1.1
mymetamask-support.xyz/meta/enterprise.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/enterprise.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:44 GMT
ETag: "3f0-5fc219bf33638-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

8.2 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
gzip compressed data, max compression\012- data
Size
8.2 kB (8212 bytes)
Hash
44f615485f6f1b3c642c2823af5555fe
2eeac8aa35e7f885be8644a473a930bf4e902c59
30bc4040a6676593eb9000fa0a3ce166a3f95216e15938e251919d8c030baf35

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 12:39:55 GMT
date: Mon, 22 May 2023 12:39:55 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 07:46:25 GMT
expires: Fri, 17 May 2024 07:46:25 GMT
cache-control: public, max-age=31536000
age: 363210
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8ab94d7259411fe8a216956474b19511
48c63eaff708604c5f7af9514c3e77109a1f3f73
1dfd960074784d17f2fab64fab44d8aa41c1a794a7000980b428f6ab6392439a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:55 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

169.239.129.37

200 OK

31 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30910 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:52 GMT
ETag: "15d84-5fc219c7a577d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

mymetamask-support.xyz/

169.239.129.37

5.4 kB

URL
mymetamask-support.xyz/
IP
169.239.129.37:0
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Size
5.4 kB (5446 bytes)
Hash
9c5fe9cbc89c01c73051949163eb9b2c
12d9d2f7b55893c17ae79ffb3af69e658cc1d7d8
a6a290f402a5d79b5caa58cadf4de75a3a9963af9ba9e165b8237b286353a6e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5446
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

mymetamask-support.xyz/meta/js

169.239.129.37

200 OK

92 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/js
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (1815)
Size
92 kB (92325 bytes)
Hash
fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/js HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:54 GMT
ETag: "168a5-5fc219c964ba3"
Accept-Ranges: bytes
Content-Length: 92325
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive

mymetamask-support.xyz/meta/recaptcha__nl.js.download

169.239.129.37

200 OK

138 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/recaptcha__nl.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (820)
Size
138 kB (137504 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:54 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "56577-5fc219d76a855-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

mymetamask-support.xyz/meta/storage.secure.min.js.download

169.239.129.37

200 OK

13 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/storage.secure.min.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (38562), with no line terminators
Size
13 kB (13194 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/storage.secure.min.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:17 GMT
ETag: "96a2-5fc219df2cd23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13194
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

mymetamask-support.xyz/meta/jsonp

169.239.129.37

200 OK

278 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/jsonp
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278382 bytes)
Hash
7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/jsonp HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:55 GMT
ETag: "43f6e-5fc219ca34bb7"
Accept-Ranges: bytes
Content-Length: 278382
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

mymetamask-support.xyz/meta/v2.js.download

169.239.129.37

200 OK

149 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/v2.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
149 kB (148638 bytes)
Hash
d3b2366c9977c975fc6abdc6a119c361
ed6031ba0b0efe5b77acd0382f8d647f2cc88018
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/v2.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:22 GMT
ETag: "8d511-5fc219e369c45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

mymetamask-support.xyz/meta/webflow.js.download

169.239.129.37

200 OK

147 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/webflow.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (50020)
Size
147 kB (147184 bytes)
Hash
9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/webflow.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:55 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:25 GMT
ETag: "92c10-5fc219e669559-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

216.58.207.227

200 OK

128 kB

URL GET HTTP/2
fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 128352, version 1.0\012- data
Size
128 kB (128352 bytes)
Hash
53436aca8627a49f4deaaa44dc9e3c05
0bc0c675480d94ec7e8609dda6227f88c5d08d2c
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1

HTTP Headers

GET /s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 128352
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:40 GMT
expires: Thu, 16 May 2024 00:16:40 GMT
cache-control: public, max-age=31536000
age: 476596
last-modified: Tue, 07 Mar 2023 19:51:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

mymetamask-support.xyz/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

169.239.129.37

200 OK

7.9 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Size
7.9 kB (7924 bytes)
Hash
8c62104f4329ec3e675fbbf952e5760e
d3acaba572770ca428956ec6be406995e6ee9c0c
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:27 GMT
ETag: "1ef4-5fc219e84101e"
Accept-Ranges: bytes
Content-Length: 7924
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

mymetamask-support.xyz/meta/mm-logo.svg

169.239.129.37

200 OK

12 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/mm-logo.svg
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/mm-logo.svg HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:01 GMT
ETag: "2ef3-5fc219d00ada1"
Accept-Ranges: bytes
Content-Length: 12019
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

mymetamask-support.xyz/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

169.239.129.37

200 OK

8.4 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8364, version 1.0\012- data
Size
8.4 kB (8364 bytes)
Hash
7d2d5a1272e235228039f306a0a45275
5f33ba8abd5506e1c58c3e6771872eaa712ba19f
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:28 GMT
ETag: "20ac-5fc219e9d25e7"
Accept-Ranges: bytes
Content-Length: 8364
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive

mymetamask-support.xyz/meta/Institutional-Illustration.png

169.239.129.37

200 OK

290 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/Institutional-Illustration.png
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
PNG image data, 876 x 1040, 8-bit/color RGBA, non-interlaced\012- data
Size
290 kB (289564 bytes)
Hash
85607339bb7e3cc70e1b7568ed4d29b2
7c6301d70e1ab599857be6e9795b94418cef6079
5bdf1ea203497adb942fa639a322195c744910ae8980d625d986ddead1f8ed37

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/Institutional-Illustration.png HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:52 GMT
ETag: "46b1c-5fc219c77e67f"
Accept-Ranges: bytes
Content-Length: 289564
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png

mymetamask-support.xyz/meta/EuclidCircularB-Regular-WebXL.woff2

169.239.129.37

200 OK

45 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/EuclidCircularB-Regular-WebXL.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:45 GMT
ETag: "b08c-5fc219c0b80e2"
Accept-Ranges: bytes
Content-Length: 45196
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

ocsp.sectigo.com/

172.64.155.188

471 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4ef9577951cb36ef9f1d43e85d707060
7dbcbd06ebfc029c03c40bbd3115701a08e230f8
ac959f4bccbb538eb2dc49b0e88d9fe36c8abd0f66292130414020c48e951f30

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:32:24 GMT
Expires: Fri, 26 May 2023 14:32:23 GMT
Etag: "7dbcbd06ebfc029c03c40bbd3115701a08e230f8"
Cache-Control: max-age=353366,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb51ff02d9cb4ee-OSL

mymetamask-support.xyz/meta/EuclidCircularB-Bold-WebXL.woff2

169.239.129.37

200 OK

44 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/EuclidCircularB-Bold-WebXL.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:45 GMT
ETag: "ae00-5fc219c06ae87"
Accept-Ranges: bytes
Content-Length: 44544
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

mymetamask-support.xyz/meta/saved_resource.html

169.239.129.37

200 OK

10 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/saved_resource.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
10 kB (9982 bytes)
Hash
eecf7841e3ae4ea5612cd1563e779096
673a8b55ad4e89c262f44a419a2a43413d4ccf44
637cc614427ad02090df0fdc92138dcd9e009032c5f1765b3cff0ab396039ec0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/saved_resource.html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:13 GMT
ETag: "d79f-5fc219db7897a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9982
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

mymetamask-support.xyz/meta/anchor.html

169.239.129.37

200 OK

21 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/anchor.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
21 kB (21338 bytes)
Hash
2db6bc307d82bd82eada077d9db82207
6d8c84d26209a2f2f37c46802e952ab48eb27ece
90d0d3bb84ed3278a30b08ec19bdbb360976b38562328a69b5b89cfe443e88f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/anchor.html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:39 GMT
ETag: "a489-5fc219ba68d7f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21338
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html

mymetamask-support.xyz/meta/saved_resource(1).html

169.239.129.37

200 OK

148 B

URL GET HTTP/1.1
mymetamask-support.xyz/meta/saved_resource(1).html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
148 B (148 bytes)
Hash
09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/saved_resource(1).html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "98-5fc219d7928f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 148
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/html

mymetamask-support.xyz/meta/bframe.html

169.239.129.37

200 OK

4.0 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/bframe.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.0 kB (3951 bytes)
Hash
2f66271235a3d7572b574296079aa0dd
2d92d80f5ce45463567b1b00b7d631f12a4303d3
365828621c1851dc2094a02f3deca7d565094dede18d1dbfbb6b76c0ed25ca1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/bframe.html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/secure.php
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:40 GMT
ETag: "2c58-5fc219bbe1ca9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3951
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4b606a89062b860c8b452c4c3877397c
39ba4e3efb89e39deffa0c93cb01b63cb1975e67
85c1f8e7679b507431d39f010a515ddcc840dbcbedfe06edf1ea94a8e7dd2a15

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4b606a89062b860c8b452c4c3877397c
39ba4e3efb89e39deffa0c93cb01b63cb1975e67
85c1f8e7679b507431d39f010a515ddcc840dbcbedfe06edf1ea94a8e7dd2a15

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.164

200 OK

616 B

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
616 B (616 bytes)
Hash
ac459b16a2293671fc32543b590b5fd1
8dddce81e27fd60e82befe9c263f2e4d71f53eaf
9c94074f205af8c20e34c994f21fc657bb0f9fdbbabdb1aa9fd1e7abd35cac1b

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Mon, 22 May 2023 12:39:56 GMT
date: Mon, 22 May 2023 12:39:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.97.99

200 OK

29 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43606)
Size
29 kB (29242 bytes)
Hash
afbfaed660641223ac0ffa8548af2452
a9baf33428257a06c42b11c1ae77ea73b913dffa
d64cd6bbd17ad57c2ba443a9a4ada0be581a57e4ba90b9049b8518236627ee57

HTTP Headers

GET /api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:56 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:31|g:397ff1bb-05d1-4102-bfd9-6ebe6b6a1f51; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
ADRUM_BTa=R:31|g:397ff1bb-05d1-4102-bfd9-6ebe6b6a1f51|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/; Secure
ADRUM_BT1=R:31|i:2241648; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
ADRUM_BT1=R:31|i:2241648|e:3; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
vary: Accept
expires: Mon, 22 May 2023 12:40:56 GMT
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.17.211.243

200 OK

2.1 kB

URL GET HTTP/2
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.17.211.243:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5788), with no line terminators
Size
2.1 kB (2145 bytes)
Hash
1e1e15ac850b90127559c1507154c3cf
015026a1851752208e1fcc1fe7b5a6c077875aa3
6d7f6881b81705ca667d0d5bfa324bd26a441311e0df10a0a7e0906afe29c434

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:56 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B1309CF17D7D62231DEB23DE33AAAF502DB4AE97C000000000000000000
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: 6cfaacd5-dc9d-4638-b822-5527f170a6a6
content-disposition: attachment; filename=no-rfd.txt
x-content-type-options: nosniff
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
x-envoy-upstream-service-time: 7
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-zlsgj
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: dc6e5779-b911-4364-98ef-7446304416a5
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb51fefd8b5b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

mymetamask-support.xyz/meta/styles__ltr.css

169.239.129.37

200 OK

24 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/styles__ltr.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24369 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /meta/styles__ltr.css HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/anchor.html
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:19 GMT
ETag: "cc90-5fc219e0e638a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24369
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
73d84022844c72951a56044d4bcf3039
1bb5397b6fdab7f58f63e715bdf3111708d96a2f
a86c145779bbdc93a14c8e42495d6cd431d6d820e268c66e9960244fa7ea3ecf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 12:39:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

mymetamask-support.xyz/meta/recaptcha__nl.js.download

169.239.129.37

200 OK

138 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/recaptcha__nl.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (820)
Size
138 kB (137504 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/anchor.html
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "56577-5fc219d76a855-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

mymetamask-support.xyz/meta/recaptcha__nl.js.download

169.239.129.37

200 OK

138 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/recaptcha__nl.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (820)
Size
138 kB (137504 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/bframe.html
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "56577-5fc219d76a855-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.sectigo.com/

172.64.155.188

471 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4ef9577951cb36ef9f1d43e85d707060
7dbcbd06ebfc029c03c40bbd3115701a08e230f8
ac959f4bccbb538eb2dc49b0e88d9fe36c8abd0f66292130414020c48e951f30

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:56 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:32:24 GMT
Expires: Fri, 26 May 2023 14:32:23 GMT
Etag: "7dbcbd06ebfc029c03c40bbd3115701a08e230f8"
Cache-Control: max-age=353483,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb51ff029330b4d-OSL

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.99

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 12:27:21 GMT
expires: Tue, 21 May 2024 12:27:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 755
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.99

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 12:39:56 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.99

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 12:39:56 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamask.io/images/favicon.png

185.199.111.153

404 Not Found

16 kB

URL GET HTTP/2
metamask.io/images/favicon.png
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint53:D2:7D:9D:BF:A5:0C:9E:20:D0:E9:4D:28:49:84:5D:9B:D6:E7:31
ValidityMon, 17 Apr 2023 06:28:57 GMT - Sun, 16 Jul 2023 06:28:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34275)
Size
16 kB (16206 bytes)
Hash
55130e1a885fcaa4ab837f1f26c69565
15e59e5938014732304a1e85b3f9147c93aa6b3c
b91146b49cb961fa3e8447464dd1172503681171a0444b9175513fdff215fd85

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64666b6e-11ac8"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 35C0:903D:322FA5C:33E23FB:646B629B
accept-ranges: bytes
date: Mon, 22 May 2023 12:39:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1684759197.918573,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 28406b81b37c586547412b24b117cbaafd4ec7cc
content-length: 16206
X-Firefox-Spdy: h2

metamask.io/images/webclip.png

185.199.111.153

404 Not Found

16 kB

URL GET HTTP/2
metamask.io/images/webclip.png
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint53:D2:7D:9D:BF:A5:0C:9E:20:D0:E9:4D:28:49:84:5D:9B:D6:E7:31
ValidityMon, 17 Apr 2023 06:28:57 GMT - Sun, 16 Jul 2023 06:28:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34275)
Size
16 kB (16206 bytes)
Hash
55130e1a885fcaa4ab837f1f26c69565
15e59e5938014732304a1e85b3f9147c93aa6b3c
b91146b49cb961fa3e8447464dd1172503681171a0444b9175513fdff215fd85

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"64666b6e-11ac8"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 5ED0:0E95:18FF38A:19DEC1A:646B629C
accept-ranges: bytes
date: Mon, 22 May 2023 12:39:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1684759197.926288,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: b7098f6aac0443e82aaa35a2e6307349d78a0d32
content-length: 16206
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 476602
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:26:31 GMT
expires: Sun, 19 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 191606
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.164

200 OK

616 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
616 B (616 bytes)
Hash
ac459b16a2293671fc32543b590b5fd1
8dddce81e27fd60e82befe9c263f2e4d71f53eaf
9c94074f205af8c20e34c994f21fc657bb0f9fdbbabdb1aa9fd1e7abd35cac1b

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Mon, 22 May 2023 12:39:57 GMT
date: Mon, 22 May 2023 12:39:57 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.99

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 168385
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.99

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:25:40 GMT
expires: Sat, 27 May 2023 13:25:40 GMT
cache-control: public, max-age=604800
age: 170057
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.99

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 168385
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mymetamask-support.xyz/meta/saved_resource(2).html

169.239.129.37

200 OK

148 B

URL GET HTTP/1.1
mymetamask-support.xyz/meta/saved_resource(2).html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
148 B (148 bytes)
Hash
09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/saved_resource(2).html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/meta/anchor.html
Cookie: _ga=GA1.2.2113943147.1684759195; _gid=GA1.2.773972953.1684759195; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:39:57 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:11 GMT
ETag: "98-5fc219d94231a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 148
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

142.250.74.99

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1620 bytes)
Hash
e36ef824369a52f32d36526426b521a1
2aa85c4f5ffea54cf853bc9210d79c53d24ff088
1dee5a71230d0118e32b59df6930c964cddbe0d4f5e25fb52e159b75cffd1e97

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 12:39:57 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.99

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 12:27:21 GMT
expires: Tue, 21 May 2024 12:27:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.99

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 12:39:57 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3

142.250.74.164

200 OK

28 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43417)
Size
28 kB (28290 bytes)
Hash
7d0337b79bbe3d77cb551d30649b0ad2
7bfd3c6234db516a15956db7f2ae9b0dfc9687e2
3ba6ec516bcb2824d5ee2f24be3fb1b42c335be1ed3eaa77068b0d7b3dc59626

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 May 2023 12:39:57 GMT
content-security-policy: script-src 'nonce-WQPoCUN8SIReO9CcgCqwPA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28290
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

142.250.74.99

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 11:35:36 GMT
expires: Tue, 21 May 2024 11:35:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/css
vary: Accept-Encoding
age: 3861
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.99

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 12:27:21 GMT
expires: Tue, 21 May 2024 12:27:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 756
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 476603
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:26:31 GMT
expires: Sun, 19 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 191607
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&force=1&env=prod&isCrossDomain=true

178.249.97.98

200 OK

15 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&force=1&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38664), with no line terminators
Size
15 kB (14922 bytes)
Hash
01006f24756bf0799c979a4f01a50026
9f1631cd1be2f1671b593d1cafbcda978c473558
c39d97e51801a05baa8b5fa536c9a8852f697828dc7cc436802e1f740c725b77

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:57 GMT
content-type: application/javascript
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 21 May 2024 12:39:57 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.99

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 168386
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb60699x83728

178.249.97.99

200 OK

167 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb60699x83728
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166761 bytes)
Hash
805d65cf5e9832bdfdc72cc20883cf71
263035a5125e6f6ed95f95e55d1ada1fd3e8f144
68f2cd00b5ddc756c7ac24f209565cbc7d829ae213eaba13163c40186a2b91e8

HTTP Headers

GET /api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb60699x83728 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:58 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:587ea710-637e-4fcd-af3b-7a99c13e5865; Max-Age=30; Expires=Mon, 22-May-2023 12:40:27 GMT; Path=/
ADRUM_BTa=R:28|g:587ea710-637e-4fcd-af3b-7a99c13e5865|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 22-May-2023 12:40:27 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 22-May-2023 12:40:27 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241648; Max-Age=30; Expires=Mon, 22-May-2023 12:40:27 GMT; Path=/
ADRUM_BT1=R:28|i:2241648|e:5; Max-Age=30; Expires=Mon, 22-May-2023 12:40:27 GMT; Path=/
cache-control: no-store
x-envoy-upstream-service-time: 97
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1156 bytes)
Hash
fe4ae948f5258daf817b36a8d7f1b3d8
20218821f24741b838512ece3cb4349fea3acf94
9b4202f245ef9a67ff046987070e3d507b1a1cb66b90e1b860fe875411891178

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 May 2023 12:39:58 GMT
content-security-policy: script-src 'nonce-JohuEKImjqDgo29KV0ftvQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1156
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true

178.249.97.98

200 OK

40 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33328)
Size
40 kB (40075 bytes)
Hash
8847612c3020d594a87a06e69f501a55
7087a1cea1b780cc9570abf309129be5fa0cb024
8a26a34a282f5636fc250b4e8c29dbef925b0c004dbe336bd7eda71c4c0ec07d

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fmymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:57 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 21 May 2024 12:39:57 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.99

200 OK

167 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 22 May 2023 12:27:21 GMT
expires: Tue, 21 May 2024 12:27:21 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (41301)
Size
25 kB (24912 bytes)
Hash
11e8786000c57d9ec3e780ff55abfd98
486ec300c35709ec1d1620c105376bad2d5fa386
9b8ba6ba37afe216c03a3abc85a8146496511b989dfd1702b62030bb26ccfd01

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6326
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Mon, 22 May 2023 12:39:58 GMT
expires: Mon, 22 May 2023 12:39:58 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24912
server: GSE
set-cookie: _GRECAPTCHA=09AIuXPCXNM5i-Ly6BOb1p5SmKJj_CAvl-_g0Qw3R972EksXlIly7OVjpAKKvn3g1b9u8S2O0jIGWb2TvMsu4Ek1M;Path=/recaptcha;Expires=Sat, 18-Nov-2023 12:39:58 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 476603
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:26:31 GMT
expires: Sun, 19 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 191607
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:43 GMT
expires: Thu, 16 May 2024 00:16:43 GMT
cache-control: public, max-age=31536000
age: 476595
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.99

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 168386
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.99

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:53:32 GMT
expires: Sat, 27 May 2023 13:53:32 GMT
cache-control: public, max-age=604800
age: 168386
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.99

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.99:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 13:25:40 GMT
expires: Sat, 27 May 2023 13:25:40 GMT
cache-control: public, max-age=604800
age: 170058
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AL8dmw9yNqXjMNJek-8shboPDH1iFYCARhm0t2gPKS7P08o-jT1hRO8ebcHiRqyTzjoKtMTrspJqnxD3KfW8Jq6sFDsH9iC4g7NukjqDDvHq8O52Da25m8xVVp4x9ZrCD6ZpNj4vFz2AlwSMmF0p6xPPv_hLXFtQQGmohBHSuj1o_yZbzakskxHqBVKOfK9VWZjS2k8LIPb1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.164

200 OK

33 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AL8dmw9yNqXjMNJek-8shboPDH1iFYCARhm0t2gPKS7P08o-jT1hRO8ebcHiRqyTzjoKtMTrspJqnxD3KfW8Jq6sFDsH9iC4g7NukjqDDvHq8O52Da25m8xVVp4x9ZrCD6ZpNj4vFz2AlwSMmF0p6xPPv_hLXFtQQGmohBHSuj1o_yZbzakskxHqBVKOfK9VWZjS2k8LIPb1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
33 kB (32740 bytes)
Hash
08f28fbacbb8211f64c9d56d13da5fa6
e7f941fa90b0328799e5aa686b1731dff39aff2f
8999254c65eeb59e40c7a49172493b37c51b4e81fa278e2ca52ff8eddfb2f154

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AL8dmw9yNqXjMNJek-8shboPDH1iFYCARhm0t2gPKS7P08o-jT1hRO8ebcHiRqyTzjoKtMTrspJqnxD3KfW8Jq6sFDsH9iC4g7NukjqDDvHq8O52Da25m8xVVp4x9ZrCD6ZpNj4vFz2AlwSMmF0p6xPPv_hLXFtQQGmohBHSuj1o_yZbzakskxHqBVKOfK9VWZjS2k8LIPb1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AIuXPCXNM5i-Ly6BOb1p5SmKJj_CAvl-_g0Qw3R972EksXlIly7OVjpAKKvn3g1b9u8S2O0jIGWb2TvMsu4Ek1M
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Mon, 22 May 2023 12:39:58 GMT
date: Mon, 22 May 2023 12:39:58 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 32740
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

mymetamask-support.xyz/meta/anchor.html

169.239.129.37

200 OK

21 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/anchor.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
21 kB (21338 bytes)
Hash
2db6bc307d82bd82eada077d9db82207
6d8c84d26209a2f2f37c46802e952ab48eb27ece
90d0d3bb84ed3278a30b08ec19bdbb360976b38562328a69b5b89cfe443e88f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/anchor.html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:40:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:39 GMT
ETag: "a489-5fc219ba68d7f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21338
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

mymetamask-support.xyz/meta/bframe.html

169.239.129.37

200 OK

4.0 kB

URL GET HTTP/1.1
mymetamask-support.xyz/meta/bframe.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.0 kB (3951 bytes)
Hash
2f66271235a3d7572b574296079aa0dd
2d92d80f5ce45463567b1b00b7d631f12a4303d3
365828621c1851dc2094a02f3deca7d565094dede18d1dbfbb6b76c0ed25ca1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/bframe.html HTTP/1.1
Host: mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 12:40:09 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:40 GMT
ETag: "2c58-5fc219bbe1ca9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3951
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

js.hsforms.net/forms/v2.js

104.16.184.65

200 OK

539 kB

URL GET HTTP/2
js.hsforms.net/forms/v2.js
IP
104.16.184.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mymetamask-support.xyz/meta/saved_resource.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type

Size
539 kB (538687 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /forms/v2.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:56 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Thu, 18 May 2023 09:43:44 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: XwZbVWs955S5IaGa40PkWhHIr22a1Zm2
etag: W/"1d656df477d6edca6241500e32135a70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: TxTje65FZRZOtBTxW-yxRAe5hPhSeYIyDSf0Wk-6BE5fH_8rHVig9A==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3211/bundles/project-v2.js&cfRay=7c93379f8e57be42-IAD
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3211/bundles/project-v2.js
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 4
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-vnl6w
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0cb1b874-4ec7-430d-b035-584f2b2560b9
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 326
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOFiL1GspadJqhu%2BU5o%2FB2e2qm8rzqZj7ULj5JoVSdFEMgldbNNwJWAIl7TXHFU24sTp3dl8rJvA8JMHcUebxmUaWPQFW1bN7YUHqbkuZe%2FceQLbkfIlvjOWl3KkcF4F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb51ff23ad41c0a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.17.211.243

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.17.211.243:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 May 2023 12:39:56 GMT
content-type: image/gif
content-length: 35
x-trace: 2B1D0C762CD87FA90F408D6A63352C1A80D7552F36000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: bbae83ee-740d-4b3e-8cd6-3bf0a843b1ba
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 1
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-jkmcj
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 5fb6ddf5-c276-468f-826a-bf6138f022d4
last-modified: Mon, 22 May 2023 12:39:56 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb51ff1db81b51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:19:20 GMT
expires: Fri, 17 May 2024 06:19:20 GMT
cache-control: public, max-age=31536000
age: 368435
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

js.hsforms.net/forms-next/shell-recaptcha

104.16.184.65

200 OK

852 B

URL GET HTTP/3
js.hsforms.net/forms-next/shell-recaptcha
IP
104.16.184.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://mymetamask-support.xyz/meta/saved_resource.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (882), with no line terminators
Size
852 B (852 bytes)
Hash
440ce01c33f34fd2d411740a08afbefc
5430ee8be61e7637b762df165949e960bf4665c6
4b6998d625f78ce81d67272fc34ca2959491f21f8f858c80f69b0e405fef691f

HTTP Headers

GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 May 2023 12:39:56 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Mon, 22 May 2023 08:37:04 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: 1neKgmSIo2kNjbv_9pCs.QkkwsDeI7HB
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: F-E59IqgMKMJ-0ApT6orBDNdSTZq-RggfkUjk87QStA5IDAIyD5Gfw==
age: 81
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.631/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 4
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-x5fmx
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: eb40a459-178b-442f-8754-fd87ddef933a
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=piVzyLA20f1IJ05%2BKp8ZCzWgAUNEy86POm8%2FKakT4NU5eqXfNPuHk26wgg1FvR0opxrbKwWvU8iSHgXF%2BJ%2Fiq3vI2MeDyVhD3ZyhxL1cMFRs2AiYZJdOh%2FpxL5Hzp%2BWN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb51ff45800fac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb50088x98054

178.249.97.99

200 OK

6.5 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb50088x98054
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (7345), with no line terminators
Size
6.5 kB (6541 bytes)
Hash
f59777087eb15344822f1a0e11d13537
a6055b0a1c2f3d65edf12655d6c44f0276838998
f5a6cacc3f4b6a11967c755c3b1b7a608c98ec64bed7648ee5db831454040f4e

HTTP Headers

GET /api/account/88982875/configuration/setting/accountproperties/?cb=lpCb50088x98054 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 12:39:56 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:31|g:829abd47-a18f-401c-9449-44f76b0606bb; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
ADRUM_BTa=R:31|g:829abd47-a18f-401c-9449-44f76b0606bb|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/; Secure
ADRUM_BT1=R:31|i:2241648; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
ADRUM_BT1=R:31|i:2241648|e:6; Max-Age=30; Expires=Mon, 22-May-2023 12:40:26 GMT; Path=/
vary: Accept
expires: Mon, 22 May 2023 12:40:56 GMT
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv

142.250.74.164

200 OK

52 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://mymetamask-support.xyz/secure.php
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43606)
Size
52 kB (52222 bytes)
Hash
9580091975e0d4b5297b6241048b97a5
74df3dbda68aa85db13c061583af470a9bcdd1c5
e3c0524f1f6bbaa9d061330614f0f7069587ea1ea8818a1ad98f53c4f6e449d8

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9teW1ldGFtYXNrLXN1cHBvcnQueHl6OjQ0Mw..&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=pe68r0ivsvtv HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://mymetamask-support.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 May 2023 12:39:56 GMT
content-security-policy: script-src 'nonce-tkuP0AGd2tPpz2L1JgXSVQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28599
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ

142.250.74.164

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ
IP
142.250.74.164:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
be5069a814de1331fe3e4cfa1a492239
7e6248c3e94c3dbf09db54f82ebc55954df99f73
3eefcd5ba2f128fa9468549daefb569acd63b7cb080f2105496fee6298c258e0

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=20y9qplri2p3
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
expires: Mon, 22 May 2023 12:39:58 GMT
date: Mon, 22 May 2023 12:39:58 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (46)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML