Report - metamaskonline.xyz

Report Overview

Visited public
2023-11-15 14:55:21
Tags
URL
metamaskonline.xyz
Finishing URL
metamaskonline.xyz/
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
MetaMask - A crypto wallet & gateway to blockchain apps

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

180

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
metamask.io	81413	2015-07-02	2015-11-15 18:16:41	2023-11-14 20:14:33	810 B	37 kB	185.199.110.153
metamaskonline.xyz	unknown	2023-11-14	2023-11-14 13:27:57	2023-11-15 04:03:31	14 kB	2.1 MB	188.114.96.1
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-15 13:57:35	2.6 kB	67 kB	142.250.74.163
forms.hsforms.com	5160	2013-09-18	2018-03-07 16:21:13	2023-11-15 15:22:00	483 B	3.2 kB	104.18.160.125
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-11-15 12:02:34	4.9 kB	802 kB	142.250.74.35
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-15 06:05:33	4.0 kB	143 kB	142.250.74.132
perf.hsforms.com	10768	2013-09-18	2020-07-03 15:11:28	2023-11-15 08:36:59	509 B	1.1 kB	104.18.160.125
metamask.icu	unknown	2023-01-17	2020-06-02 02:18:52	2023-11-11 08:44:20	862 B	3.6 kB	199.59.243.225
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-15 09:16:28	451 B	1.4 kB	142.250.74.42

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-11-15 14:55:03	medium	Client IP	Internal IP	ET INFO DNS Query for Suspicious .icu Domain
2023-11-15 14:55:03	medium	Client IP	199.59.243.225	ET INFO Suspicious Domain (*.icu) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet
2023-11-15	medium	metamaskonline.xyz/	Crypto/Wallet

PhishTank

Scan Date	Severity	Indicator	Alert
2023-11-15	medium	metamaskonline.xyz/js/webflow.js	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-gitcoin.png	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-rarible.png	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-opensea.png	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-maker.png	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-uniswap.png	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-compound.png	Other
2023-11-15	medium	metamaskonline.xyz/	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-axieinfinity.png	Other
2023-11-15	medium	metamaskonline.xyz/fonts/EuclidCircularB-Regular-WebXL.woff2	Other
2023-11-15	medium	metamaskonline.xyz/fonts/EuclidCircularB-Bold-WebXL.woff2	Other
2023-11-15	medium	metamaskonline.xyz/js/common.js	Other
2023-11-15	medium	metamaskonline.xyz/images/hero2.2.png	Other
2023-11-15	medium	metamaskonline.xyz/css/webflow.css	Other
2023-11-15	medium	metamaskonline.xyz/js/gtag.js	Other
2023-11-15	medium	metamaskonline.xyz/images/social-35.svg	Other
2023-11-15	medium	metamaskonline.xyz/images/Explore-illo.svg	Other
2023-11-15	medium	metamaskonline.xyz/js/webfont.js	Other
2023-11-15	medium	metamaskonline.xyz/images/mm-logo.svg	Other
2023-11-15	medium	metamaskonline.xyz/js/v2.js	Other
2023-11-15	medium	metamaskonline.xyz/js/enterprise.js	Other
2023-11-15	medium	metamaskonline.xyz/images/dapp-aave.png	Other
2023-11-15	medium	metamaskonline.xyz/images/wallet-illo.svg	Other
2023-11-15	medium	metamaskonline.xyz/js/jquery-3.5.1.min.dc5e7f18c8.js	Other
2023-11-15	medium	metamaskonline.xyz/images/Browse-illo.svg	Other
2023-11-15	medium	metamaskonline.xyz/z_stat-1280416669_1280416669.js	Other
2023-11-15	medium	metamaskonline.xyz/css/normalize.css	Other
2023-11-15	medium	metamaskonline.xyz/js/analytics.js	Other
2023-11-15	medium	metamaskonline.xyz/css/metamask-staging-2.webflow.css	Other
2023-11-15	medium	metamaskonline.xyz/js/analytics.js	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed
2023-11-15	medium	metamaskonline.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	From	Size	First Seen	Last Seen
	www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 02:49 Times Seen4633490 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	metamaskonline.xyz/js/jquery-3.5.1.min.dc5e7f18c8.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL metamaskonline.xyz/js/jquery-3.5.1.min.dc5e7f18c8.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 02:46 Times Seen108559 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js	ScriptElement	477 kB	2023-11-08	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-08 17:48 Last Seen2024-08-20 20:23 Times Seen3326 Hash fbeedf13eeb71cbe02bc458db14b7539 38ce3a321b003e0c89f8b2e00972caa26485a6e0 09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6	ScriptElement	75 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-05-09 01:52 Times Seen14224 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	metamaskonline.xyz/	ScriptElement	131 B	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen54 Hash 8da5c3d05348bfc0ef2e7d64796f08ce e080496b1ba9bcbc603d81c6021044631b89a0c8 f8b75ad14956c9b4a7da3b51493be28faf5bf3b7bc4dc509868bd0e31f240fbf Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true	ScriptElement	1.0 kB	2023-11-11	2023-11-16
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-11 08:44 Last Seen2023-11-16 19:49 Times Seen7 Hash d5e35421bd38fefbe7aa844195375038 d80b0e5900f4a940395767a6e80ee167e4a02592 e2dfe4b164e2a6d49360b803afae1ac47546c35a47c0112471f53519ebc5d1b4 Loading...

	metamaskonline.xyz/	ScriptElement	271 B	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen58 Hash 5cc04270e6de1ba3403b9bb4aa18e0bb 02b450b0709e7e8b42847897d4f71388c6b891f1 9aeb52da922aad84c3d824450a12d0c862b6405e789d0df794d43ebbcfac1468 Loading...

	metamaskonline.xyz/js/v2.js	ScriptElement	577 kB	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/js/v2.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen52 Hash 40544d5dbcd42e3128e75c41a313bb6b 07238a687a240643e6fd60455e71e157b1f72262 a6e30a1c4e1913d92f1ef2906fa03630ee961e2ae777ffaa15a2ebc47176e485 Loading...

	metamaskonline.xyz/js/webflow.js	ScriptElement	568 kB	2023-03-07	2025-05-04
Pretty URL metamaskonline.xyz/js/webflow.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-04 15:45 Times Seen94 Hash aa932307fd6818913c360441a1d21397 5d832542de495c05a829b2cdba867b8e508a69dc 8de8a14b1b42b80ff2a89d3afaccd40bad8e6f1b507cc20fe78408c8ff7aa252 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6	ScriptElement	53 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6 IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 19:28 Last Seen2024-08-20 19:28 Times Seen1 Hash 1faa62c12eb8bd845ca4e9bc72ecb1f8 2523dfba352f4b0b2035b06ffcadc51f6ab07780 606b3db98114e09bc1313d6b5a7d385544add07b97a33c7c0bbcbe079529da32 Loading...

	metamaskonline.xyz/js/webfont.js	ScriptElement	13 kB	2023-03-07	2025-05-09
Pretty URL metamaskonline.xyz/js/webfont.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 00:57 Times Seen17499 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	metamaskonline.xyz/js/analytics.js	ScriptElement	50 kB	2023-03-07	2025-05-04
Pretty URL metamaskonline.xyz/js/analytics.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-04 12:04 Times Seen102 Hash 876c0f150943aff8b256da31f79ac00e b54a0b23c420cc5a9e491cbb3817ecdb65e81991 fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62 Loading...

	metamaskonline.xyz/js/common.js	ScriptElement	1.3 kB	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/js/common.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen54 Hash bd2a0385ca182e58c5ecb5590f795183 bbecb1eac5a6742bbc7b0103394ed515bfac3f55 75a54c0d7aab1bc076b76e96d64d1826cf8e1be5d3c65fefc42f14907d8d0240 Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	ScriptElement	5.8 kB	2023-11-15	2023-11-15
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.18.160.125 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 15:55 Last Seen2023-11-15 15:55 Times Seen1 Hash 72167077036cb23ad407d321366c60ab b7f8bc9ad3fab9e2650f6104cfcdeb6a0f2bf2f2 8bb0479ba8543070825dfabf46f366c344186cf30d0bc387103e598e6ebc7af6 Loading...

	metamaskonline.xyz/	ScriptElement	251 B	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen54 Hash bed44b24e4fff29f2e0bf3739e46316c 584f9bbf144ef51dfcc79953b1770628319d43dd c0c9670efa75fdbcfae7a3b9caea4279885ce290e76f8769d7b4d7421ef593cf Loading...

	metamaskonline.xyz/js/gtag.js	ScriptElement	92 kB	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/js/gtag.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen55 Hash 8565965902198b680974beb4f8006741 3e60fb528c543082cc483acd620b78002e848fbf 28c8a04ee3648c79f7e5b15b1a62a816eb8073a4133bfb69ca291e5972e0f291 Loading...

	metamaskonline.xyz/z_stat-1280416669_1280416669.js	ScriptElement	12 kB	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/z_stat-1280416669_1280416669.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen43 Hash e1be54869a16611acffff9f5f8883daf df0fc0ae677ba0cd5c21994a8b5189cd5fc425a7 02ba8db5232b3810e186d5f70f7be20d172dfb3b03803937fe0cb442c5bccf1d Loading...

	metamaskonline.xyz/	ScriptElement	246 B	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen51 Hash 5b8653ee2d3c63c0d1e14d4287ed862c 1bc0f69a67c81f5d996058592d44ccf14cf026a2 66cb513436139a50f16ddbfc135b080c9263b6c1cfc2aae6e1ba013585875e44 Loading...

	metamaskonline.xyz/	ScriptElement	970 B	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/ IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen51 Hash 68def1a2ba813c0f9d86e7c7ed82d89d f5a424453e0888274c405f7362447070aa7346da 087e51bdc6189c6f7d8829582f5e6afc4b55e787458df91f2080dbb955d5c6a9 Loading...

	metamaskonline.xyz/js/enterprise.js	ScriptElement	1.0 kB	2023-03-07	2025-05-03
Pretty URL metamaskonline.xyz/js/enterprise.js IP 188.114.96.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen53 Hash f565ad01ef85ebe1ffbfa97f91a960c4 a8636143698b1981c2f7c482dad7aa2ac07e4ed2 c8767e2f7a52c171fe807dc80a53bc334a0700e9e38ad28245d6e16d9101c26f Loading...

		Size	First Seen	Last Seen
	#1 Eval - be9bd07c871f93960cbf60e10c37d06c	22 B	2023-11-09 09:25	2024-08-20 20:18
Pretty Observations First Seen2023-11-09 09:25 Last Seen2024-08-20 20:18 Times Seen1456 Hash be9bd07c871f93960cbf60e10c37d06c c15c47568161d52233ee386e2201c2d404316491 645ff9aee4745c6d17672ff94a247b1dfcec8b107af91dd39cc66da2cd0b700a Loading...

	#2 Eval - cfb223955b96f92051c5a545d557850b	21 kB	2023-11-15 15:55	2024-08-20 19:28
Pretty Observations First Seen2023-11-15 15:55 Last Seen2024-08-20 19:28 Times Seen2 Hash cfb223955b96f92051c5a545d557850b e0e385c62faca07e4f315507c54953b1e7adf59b 6d632ec322c3db27c02cfabc3310ed6ce6d119b707b59d4ec8387b3e63be0897 Loading...

	#3 Eval - 6849ac7417e371c470e87652f1a6b682	17 kB	2023-11-09 09:25	2024-08-20 20:18
Pretty Observations First Seen2023-11-09 09:25 Last Seen2024-08-20 20:18 Times Seen1454 Hash 6849ac7417e371c470e87652f1a6b682 05826541aa11d2ae47fb24183366557f0230a5ed 99732ec9500587fc6461e5339a61b4bd05a2716691eb751302e9154f0639fb4f Loading...

	#4 Eval - 97e6c2f32f8d34ba4862b2ef00e3e51b	64 B	2023-11-09 09:25	2024-08-20 20:18
Pretty Observations First Seen2023-11-09 09:25 Last Seen2024-08-20 20:18 Times Seen1454 Hash 97e6c2f32f8d34ba4862b2ef00e3e51b 0fbf01302c7704e2150b6911770008833551e153 ebaecce1797fe6783a9debd0d3736abc44fef16a019cd228323ae6496b992c5d Loading...

	#5 Eval - 1498c67851dcd8e62b6259a6e489885e	21 kB	2024-08-20 19:28	2024-08-20 19:28
Pretty Observations First Seen2024-08-20 19:28 Last Seen2024-08-20 19:28 Times Seen1 Hash 1498c67851dcd8e62b6259a6e489885e 7e7311bbb877f3ef47ce7900c0cd28c1cdcb9669 95025f60dc3369ac11052e5dfbd539400b07680c0e838807d2d760512271d4ae Loading...

	#6 Eval - 1d67376dbddf41b70dbae89581a72526	22 B	2023-11-09 09:25	2024-08-20 20:18
Pretty Observations First Seen2023-11-09 09:25 Last Seen2024-08-20 20:18 Times Seen1455 Hash 1d67376dbddf41b70dbae89581a72526 5a5cda2c89c72e02982347c72a2a37f7f5537f39 d27712119f87276bd3aa647025d0613f03d00ba550b771026a6c8ab1c83873cf Loading...

		Size	First Seen	Last Seen
	#1 Write - b43535cdb5c91dadc6aee6d5e748a82f	112 B	2023-03-07 01:18	2025-05-03 16:42
Pretty Observations First Seen2023-03-07 01:18 Last Seen2025-05-03 16:42 Times Seen50 Hash b43535cdb5c91dadc6aee6d5e748a82f 1f984b196fdc347058ea4d6a96de1ea8ad54a188 f8b855a740e4aa3db7ae2db2ca93a57bda6ab9b088f4854852b97ac2a5ba6fd5 Loading...

HTTP Transactions (58)

URL IP Response Size

metamask.io/logo.js

185.199.110.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/logo.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://metamaskonline.xyz/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint83:6F:D9:3B:D8:B7:26:F8:C6:33:19:B3:21:34:ED:C3:6B:2B:31:DA
ValidityFri, 22 Sep 2023 09:30:46 GMT - Thu, 21 Dec 2023 09:30:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38165)
Size
18 kB (18132 bytes)
Hash
cb37764390b9a98bed5cd9289025bb2e
41771c8632aedd7ed778c5fb4d73aff85114ba43
9cb55b8a6be2e8e3cfd85954a29f59c580a5c14b304e81eb08e5cede2af108a7

HTTP Headers

GET /logo.js HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"6554a9ad-13439"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: BD66:EFC9:3854FED:392C0BF:6554DBC4
accept-ranges: bytes
date: Wed, 15 Nov 2023 14:55:01 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1625-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1700060101.988342,VS0,VE122
vary: Accept-Encoding
x-fastly-request-id: 1ac554a35ba7196c15a17017cce4bd0fe125014c
content-length: 18132
X-Firefox-Spdy: h2

metamaskonline.xyz/js/webflow.js

188.114.96.1

200 OK

146 kB

URL GET HTTP/3
metamaskonline.xyz/js/webflow.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
Unicode text, UTF-8 text, with very long lines (54239)
Size
146 kB (146194 bytes)
Hash
aa932307fd6818913c360441a1d21397
5d832542de495c05a829b2cdba867b8e508a69dc
8de8a14b1b42b80ff2a89d3afaccd40bad8e6f1b507cc20fe78408c8ff7aa252

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/webflow.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-8ac72"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25801
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYVT6M1OWGNseGuy8TqF6eZNdTWw6Cf3ImJSkL11gE3gHpJOW%2FXulU92h62ev5KqzgNzcddcT0x83PgVyC6q57JqAgTXpovnxi%2FSUZQ%2BgeconoTtcFErcd%2Byvhvb1edP5z9i7EY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ee95456a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

142.250.74.163

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamaskonline.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 10 Nov 2023 18:18:12 GMT
expires: Sat, 09 Nov 2024 18:18:12 GMT
cache-control: public, max-age=31536000
age: 419809
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamask.io/logo.js

185.199.110.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/logo.js
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://metamaskonline.xyz/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint83:6F:D9:3B:D8:B7:26:F8:C6:33:19:B3:21:34:ED:C3:6B:2B:31:DA
ValidityFri, 22 Sep 2023 09:30:46 GMT - Thu, 21 Dec 2023 09:30:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38165)
Size
18 kB (18132 bytes)
Hash
cb37764390b9a98bed5cd9289025bb2e
41771c8632aedd7ed778c5fb4d73aff85114ba43
9cb55b8a6be2e8e3cfd85954a29f59c580a5c14b304e81eb08e5cede2af108a7

HTTP Headers

GET /logo.js HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"6554a9ad-13439"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: BD66:EFC9:3854FED:392C0BF:6554DBC4
accept-ranges: bytes
date: Wed, 15 Nov 2023 14:55:01 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1700060102.526289,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 466b22b0b8c362661a5f96f3bcefdcd8cb7b975e
content-length: 18132
X-Firefox-Spdy: h2

metamaskonline.xyz/images/dapp-gitcoin.png

188.114.96.1

200 OK

8.0 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-gitcoin.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7998 bytes)
Hash
c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-gitcoin.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 7998
last-modified: Thu, 20 Jan 2022 00:12:40 GMT
etag: "61e8a8f8-1f3e"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZeYMZGQlP%2Fl3seZQhfxPMFmZ0%2FaCTwU75sakEwK46dUNe%2FTEeTtP00YMAzb8yabLfORFADcmShBpk5YiOw5g33zckS0tlAJ62yIivEeFhs34Ole1LAotTT70qcRc0vc4DLd5KjQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ed94256a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/images/dapp-rarible.png

188.114.96.1

200 OK

6.8 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-rarible.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6840 bytes)
Hash
b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-rarible.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 6840
last-modified: Thu, 20 Jan 2022 00:12:42 GMT
etag: "61e8a8fa-1ab8"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzwlJ8HDAUuM%2BVESGKWGbWwQa3c9ZDt0ptnI4sZFz0aqSBL%2BWEHCiYIROrIBS6qpvcSFimUcCfZT%2BSxB5Yt7XgjSNn1oq8I9msvo102pkPFnGKsrwVAUqvYgYGK%2BWLcNYUPDDaQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ed94856a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/images/dapp-opensea.png

188.114.96.1

200 OK

6.5 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-opensea.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6533 bytes)
Hash
f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-opensea.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 6533
last-modified: Thu, 20 Jan 2022 00:12:42 GMT
etag: "61e8a8fa-1985"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQas2AIrt2Z0ZiyMOPa65WzJxW4c8HF22YGjjm%2Fz9IxTSWASSHp%2BeJ5xLvnQBPOZ6dU6l9ar3BQgTUtifCAMoTXuDmFCwrcz6yGcaARTO%2FHuxdt6MJvTUiYotAfg6cjcc5r6Un8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ed94756a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/images/dapp-maker.png

188.114.96.1

200 OK

6.9 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-maker.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6852 bytes)
Hash
720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-maker.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 6852
last-modified: Thu, 20 Jan 2022 00:12:40 GMT
etag: "61e8a8f8-1ac4"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYlPHsUD8%2BXWn8CfilF6BkB3fQjIOKZTmSNdfJQmUo%2FMsf8En%2F0Dw3Rincrqb9q0K1ee5PKp%2B3l0abYoCLnJEYVUtG0oUD9MwolK8DcvvZe09Dh%2BvuwEIRJkgCQvD5eiiIUBZc0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ed94556a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/images/dapp-uniswap.png

188.114.96.1

200 OK

10 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-uniswap.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10268 bytes)
Hash
1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-uniswap.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 10268
last-modified: Thu, 20 Jan 2022 00:12:42 GMT
etag: "61e8a8fa-281c"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y%2FBBXvyebyQ0x8TbESaGWXFcXQ5oEdheKH5tz47DBQOZGd650B9U%2B6Cp%2FBwWIBfINArJVSPtXqSYoSGApRz3gCAPWm5XrTohB5puRAKa1Q0VIM3FWXujCIY7xAyMcNxIJ6WdmZg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ed94a56a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/images/dapp-compound.png

188.114.96.1

200 OK

11 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-compound.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11355 bytes)
Hash
3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-compound.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 11355
last-modified: Thu, 20 Jan 2022 00:12:40 GMT
etag: "61e8a8f8-2c5b"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vv8%2FBG9uAStes1DeTOPCVlA%2B9xs37MCHNvFne2Okx8gzzL6Z0UHKrXHJjNrodwabjgw6PS%2FQlybMdE2t2fgmAPYEDaRTNX9pZTnX6%2FBJdUDTxz1OTRpd%2BvHj%2FyQ7mcdSIzLGQLs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec93b56a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/

188.114.96.1

200 OK

22 kB

URL User Request GET HTTP/2
metamaskonline.xyz/
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (19383), with CRLF, LF line terminators
Size
22 kB (21897 bytes)
Hash
4efa1e7ec246cc0aa62ae4e5389b5db7
5110874c5440979fc5669766673bd478410fcacc
2509c1a594f2d54d083492c915a985600b754fecdd7bc40788614e353152642a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: text/html
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H19aUlCT0pL2f691EJNNNmq2zExP15RnmcV2limjE3%2FCLg7a9lQ70%2Ftq0%2BDrY03U006jKullrmoQgohS4lQ1Vj5P6iQ4Xg61xRUJcWmaonNBn6dqUy5tHaXgVEXRhLqWqUbOKpM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 826855296df2b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

metamaskonline.xyz/images/dapp-axieinfinity.png

188.114.96.1

200 OK

43 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-axieinfinity.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42713 bytes)
Hash
5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-axieinfinity.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 42713
last-modified: Thu, 20 Jan 2022 00:12:40 GMT
etag: "61e8a8f8-a6d9"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDpWXp8%2FvRMQhDrGvpYIRbcKaqF9xBNIJEiEI0VIKduXvUk%2FhZwG4jqG%2FS%2Bd%2F%2FA1md9bAaVvq8DBN7MahIYfa1kT80ljHh8KDrY0npXBKel7kpRO%2FJjQpC7mFremCiVruvDd4gc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec93756a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/fonts/EuclidCircularB-Regular-WebXL.woff2

188.114.96.1

200 OK

45 kB

URL GET HTTP/3
metamaskonline.xyz/fonts/EuclidCircularB-Regular-WebXL.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/css/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.2112339741.1700060101; _gid=GA1.2.1431720559.1700060101; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:02 GMT
content-type: font/woff2
content-length: 45196
last-modified: Thu, 20 Jan 2022 00:13:18 GMT
etag: "61e8a91e-b08c"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=47%2BU6Fd%2FQ9%2FC%2FUh5PMAA9PI3gCTmPStGT1H2yCsL%2B45tbcYAohmAGpJXIkW5h%2Fg0BWxDaaKEnT6np6NUAv2VSuY%2Bo4fllF1yzok4aC336SfPCzxgP9N9JgzwDnRRKx5u75wBPeo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82685532bcc356a8-OSL
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/fonts/EuclidCircularB-Bold-WebXL.woff2

188.114.96.1

200 OK

44 kB

URL GET HTTP/3
metamaskonline.xyz/fonts/EuclidCircularB-Bold-WebXL.woff2
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/css/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.2112339741.1700060101; _gid=GA1.2.1431720559.1700060101; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:02 GMT
content-type: font/woff2
content-length: 44544
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
etag: "61e8a920-ae00"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RimZut9lnpGx8kQ26h%2Brhb01vknfd7xwDXe8ueakrixbRW%2B%2Bf5Uk9QqxEYl%2BfoNokQQJofqVShOJfKPdGQcoQHRpY9WKBbfFe1et9pwRWNkc5o%2B2BKfWmJDN9H50ShJJxzmPP2E%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82685532bcc956a8-OSL
alt-svc: h3=":443"; ma=86400

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.18.160.125

200 OK

2.1 kB

URL GET HTTP/1.1
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.18.160.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (5762), with no line terminators
Size
2.1 kB (2098 bytes)
Hash
72167077036cb23ad407d321366c60ab
b7f8bc9ad3fab9e2650f6104cfcdeb6a0f2bf2f2
8bb0479ba8543070825dfabf46f366c344186cf30d0bc387103e598e6ebc7af6

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 15 Nov 2023 14:55:02 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2BCAA92948958F2E90F2D48A849952A49A7CFFEAE5000000000000000000
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 14
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-4mj4s
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: 9c6e718f-d71b-4aff-b42e-954aa481b0b2
x-request-id: 9c6e718f-d71b-4aff-b42e-954aa481b0b2
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 826855398b4d0b55-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/js/common.js

188.114.96.1

200 OK

935 B

URL GET HTTP/3
metamaskonline.xyz/js/common.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with CRLF line terminators
Size
935 B (935 bytes)
Hash
bd2a0385ca182e58c5ecb5590f795183
bbecb1eac5a6742bbc7b0103394ed515bfac3f55
75a54c0d7aab1bc076b76e96d64d1826cf8e1be5d3c65fefc42f14907d8d0240

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/common.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-51c"
expires: Thu, 16 Nov 2023 02:55:01 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u52ahNUenkvQQIoEzMclksBFH6JC5wpmJ4%2BcW6%2FHrcjihIQ%2F%2FSp0YX39zotbhmPiMJTVnI9qMu03HaQm5nvSqSjqL0PyK0KkzHHm%2FcMDvgB8qXNSHyVVaOreLVg%2F5BS1vs4S3ik%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ee95556a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (682)
Size
191 kB (191412 bytes)
Hash
fbeedf13eeb71cbe02bc458db14b7539
38ce3a321b003e0c89f8b2e00972caa26485a6e0
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55

HTTP Headers

GET /recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamaskonline.xyz
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 23:56:58 GMT
expires: Tue, 12 Nov 2024 23:56:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 140285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.132

200 OK

2.2 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF5:CC:DA:B5:BA:1E:14:14:44:CC:27:90:92:CC:60:1F:5F:08:AF:77
ValidityMon, 16 Oct 2023 08:10:46 GMT - Mon, 08 Jan 2024 08:10:45 GMT

File type
gzip compressed data\012- data
Size
2.2 kB (2240 bytes)
Hash
7a0c7e4cc33c896747b2937a649a67f2
3b7ace774917953f43ae4b70dcf77bd5aafbb8da
b588c5e5f292abee008b25e7bae051247105fc920750cb53f1b7e4d58928cfe5

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Wed, 15 Nov 2023 14:55:02 GMT
date: Wed, 15 Nov 2023 14:55:02 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.18.160.125

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.18.160.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:03 GMT
content-type: image/gif
content-length: 35
x-trace: 2B588577400A55CD117F7C3E4378252B3CE28E357A000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-w45gv
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: e317540a-9d3c-44b3-b99c-3d10b1859ea2
x-request-id: e317540a-9d3c-44b3-b99c-3d10b1859ea2
last-modified: Wed, 15 Nov 2023 14:55:03 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8268553e0bf60b4d-OSL
alt-svc: h3=":443"; ma=86400

metamask.icu/images/favicon.ico

199.59.243.225

200 OK

1.1 kB

URL GET HTTP/1.1
metamask.icu/images/favicon.ico
IP
199.59.243.225:443
ASN
#16509 AMAZON-02

Requested by
https://metamaskonline.xyz/
Certificate
IssuerLet's Encrypt
Subjectmetamask.icu
Fingerprint81:3F:4E:62:0E:79:78:4E:09:58:F8:8E:18:F8:E0:AC:47:46:D2:91
ValiditySun, 10 Sep 2023 05:14:38 GMT - Sat, 09 Dec 2023 05:14:37 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (386)
Size
1.1 kB (1089 bytes)
Hash
b5a5b5bad916e099b013eb2c9d0fd8b2
f63987d7ad499e5f9e00587d3fdbb0204a73e167
ce6df59f9ceefe4b8fdcae6de00d05a8f8ad860c36f352594148d288f167e701

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: metamask.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 15 Nov 2023 14:55:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1089
X-Request-Id: 97e4e2fc-33ae-45a3-92ab-2a4fb35c66cd
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_v3t+aU45Kts/SbIRYk6ysAKoAs3rKMrtzL9g+ck/JgSer+huei+4OFnUWFaoWFsGgByRXlPX6EbhKyErG5pDEw==
Set-Cookie: parking_session=97e4e2fc-33ae-45a3-92ab-2a4fb35c66cd; expires=Wed, 15 Nov 2023 15:10:03 GMT; path=/
Connection: close

metamask.icu/images/webclip.png

199.59.243.225

200 OK

1.1 kB

URL GET HTTP/1.1
metamask.icu/images/webclip.png
IP
199.59.243.225:443
ASN
#16509 AMAZON-02

Requested by
https://metamaskonline.xyz/
Certificate
IssuerLet's Encrypt
Subjectmetamask.icu
Fingerprint81:3F:4E:62:0E:79:78:4E:09:58:F8:8E:18:F8:E0:AC:47:46:D2:91
ValiditySun, 10 Sep 2023 05:14:38 GMT - Sat, 09 Dec 2023 05:14:37 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (386)
Size
1.1 kB (1089 bytes)
Hash
2e54a8a6b87d3cc34012dff650e75f94
09be65da17fea4d6bda551f441a078ffb58658e9
3e5dd873cd4352ec3b674229d2efdc84a4132f247d3cd49433a28f290c9733b1

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamask.icu
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Wed, 15 Nov 2023 14:55:02 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1089
X-Request-Id: 2b7daaaf-71e9-44d8-b4e4-7f2dd2b8b303
Cache-Control: no-store, max-age=0
Accept-Ch: sec-ch-prefers-color-scheme
Critical-Ch: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xedalA4ww5GE/depwDw2gacq5nKTsoPvXPK0P+U7611zb5TYsbsh4tGM38UdqN16xuhdGyuzn0cPB8+uYP4eSw==
Set-Cookie: parking_session=2b7daaaf-71e9-44d8-b4e4-7f2dd2b8b303; expires=Wed, 15 Nov 2023 15:10:03 GMT; path=/
Connection: close

www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Nov 2023 08:38:16 GMT
expires: Thu, 14 Nov 2024 08:38:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
content-type: text/css
vary: Accept-Encoding
age: 22607
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (682)
Size
191 kB (191412 bytes)
Hash
fbeedf13eeb71cbe02bc458db14b7539
38ce3a321b003e0c89f8b2e00972caa26485a6e0
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55

HTTP Headers

GET /recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 23:56:58 GMT
expires: Tue, 12 Nov 2024 23:56:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 140285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

metamaskonline.xyz/images/hero2.2.png

188.114.96.1

200 OK

590 kB

URL GET HTTP/3
metamaskonline.xyz/images/hero2.2.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/hero2.2.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/css/metamask-staging-2.webflow.css
Cookie: _ga=GA1.2.2112339741.1700060101; _gid=GA1.2.1431720559.1700060101; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:02 GMT
content-type: image/png
content-length: 589568
last-modified: Thu, 20 Jan 2022 00:13:06 GMT
etag: "61e8a912-8ff00"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uKxTB1hcg%2BgHPfYkRr36C8lFggp%2BLnTSJiY%2Bre2AiTWCaqJwYoOYXuN0tt8RRAo9hKG%2FDG2Y6WejyXghGFl%2F0KecfgaXFYy10amcvXnnNkcu1CClPztpYyn%2BzPFb0k49CFVByGg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 82685532acba56a8-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Nov 2023 01:58:25 GMT
expires: Sun, 10 Nov 2024 01:58:25 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 392198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamaskonline.xyz/css/webflow.css

188.114.96.1

200 OK

25 kB

URL GET HTTP/3
metamaskonline.xyz/css/webflow.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
25 kB (25205 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/webflow.css HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: text/css
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-98c5"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fLeZaVLgw%2FVUR%2B0mvEHx4R3fy5emMcCVq452dDjcnSikZkWUess%2F3eUaWhSphcYI8%2F9%2FtabasyLSDyxyr0fpCpNpnR8dbILG37DKyML1F%2BM1nYHh2%2Be4EobSK%2FoPPIeccjVWtyY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552eb92556a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/js/gtag.js

188.114.96.1

200 OK

39 kB

URL GET HTTP/3
metamaskonline.xyz/js/gtag.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (1896)
Size
39 kB (38803 bytes)
Hash
8565965902198b680974beb4f8006741
3e60fb528c543082cc483acd620b78002e848fbf
28c8a04ee3648c79f7e5b15b1a62a816eb8073a4133bfb69ca291e5972e0f291

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/gtag.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-16984"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KHLRKHy5g67pykqhxNgI7ap5gksj5DYz6E4j0HS1pTUFeZbA4vDYJEgwHyO8VRmcwhN%2FBvsaogvMfbyTP0pi6XO6JqGCmtcFvL5xcCTFy030VHfuk7WYnZYLHP%2BSSS5QBDF7zvw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ec92b56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (682)
Size
191 kB (191412 bytes)
Hash
fbeedf13eeb71cbe02bc458db14b7539
38ce3a321b003e0c89f8b2e00972caa26485a6e0
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55

HTTP Headers

GET /recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 23:56:58 GMT
expires: Tue, 12 Nov 2024 23:56:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 140285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

metamaskonline.xyz/images/social-35.svg

188.114.96.1

200 OK

25 kB

URL GET HTTP/3
metamaskonline.xyz/images/social-35.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
25 kB (24972 bytes)
Hash
d5e7fa6bfac5cb057e4974b17d5f0e53
fd3f64fd6b8fc6bb097bcd065337c70d8d2cef37
bcba47e61462fcaa7a59953d7af48a777438587b79faf7fcda5831cea8e9a7da

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/social-35.svg HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Jan 2022 00:12:38 GMT
etag: W/"61e8a8f6-25a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky1bHxCw%2FGFKOo14%2FGj0%2F63Pw7R4VUxSJBd6OLDcSmgpsv7n0JU%2BHffOtcqLNtBTa4PjM%2FFHplLunFKIOj4vCOjJneQfmhdylmw9bw6G6PSMhoyHXJvG4hsmcHXl7cMYeHsEctc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec92f56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (682)
Size
191 kB (191412 bytes)
Hash
fbeedf13eeb71cbe02bc458db14b7539
38ce3a321b003e0c89f8b2e00972caa26485a6e0
09ed391c987b3b27df5080114e00377ff1a748793cb417a809b33f22d737fe55

HTTP Headers

GET /recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191412
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 23:56:58 GMT
expires: Tue, 12 Nov 2024 23:56:58 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 06 Nov 2023 03:03:27 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 140286
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

41 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
gzip compressed data\012- data
Size
41 kB (41194 bytes)
Hash
8a9ef58d24dd3f4aefbcff9756ecd9a6
2a7aaf7e4d5c34aae86ca56247330535aca8c10d
02b02c76406a6e0e80250e3d17913c5bdaa5654c55a273536545f27bbc680583

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 8637
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Wed, 15 Nov 2023 14:55:04 GMT
expires: Wed, 15 Nov 2023 14:55:04 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09ALvilpYCylTIzbrcnpTYFYVNjpIa79DeSgQc7xwZ-BswttBStJCDw_txRqaJvkRIqg-6tclB7c8t-DWyXzqEiPU;Path=/recaptcha;Expires=Mon, 13-May-2024 14:55:04 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

metamaskonline.xyz/images/Explore-illo.svg

188.114.96.1

200 OK

28 kB

URL GET HTTP/3
metamaskonline.xyz/images/Explore-illo.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1527)
Size
28 kB (28354 bytes)
Hash
46fb450c5ecf6da758bca0975551f056
629157e884b450ecf5a94d38d736db3c7428245f
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/Explore-illo.svg HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Jan 2022 00:12:38 GMT
etag: W/"61e8a8f6-8fe3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hrRBI5tCku2VjKwcwwDFANqRh4WHgGjUMssbYw41RG2LPZ5bl%2FGDDDR16m5WavNhObPBjL1biu7KP8fiZWF6QDJRrR%2B3OgkEcgaqQ3ICvj3%2Fd6%2Fa2g0MPSkoT7YovkzvVxdPY5M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec93256a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

142.250.74.163

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 13 Nov 2023 23:42:20 GMT
expires: Tue, 12 Nov 2024 23:42:20 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 141164
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 15:12:23 GMT
expires: Thu, 16 Nov 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 517361
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 12 Nov 2023 06:45:33 GMT
expires: Sun, 19 Nov 2023 06:45:33 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 288571
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 Nov 2023 21:20:22 GMT
expires: Thu, 16 Nov 2023 21:20:22 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 495282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.42

200 OK

800 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
ASCII text, with very long lines (816), with no line terminators
Size
800 B (800 bytes)
Hash
d649df21660305e95bf70d4282367324
4a3aeaf4830f03b873105998d8ceaa017bc0b65c
338d6967247111e7857d08db563973e8782b09601225fece0af3420e5cd2fa56

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 15 Nov 2023 14:55:01 GMT
date: Wed, 15 Nov 2023 14:55:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2

142.250.74.132

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
ae046cc7c5325bdd7e3fac162767bf0b
879d996eafe340361a99fabb5f2422073c41e17e
5f6707358cdb63bdc85124260711d17242baf09cdbae1395b8cb461bebe7793c

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Wed, 15 Nov 2023 14:55:03 GMT
date: Wed, 15 Nov 2023 14:55:03 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

7.3 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7486), with no line terminators
Size
7.3 kB (7255 bytes)
Hash
785857733944da2a9067b1ad604a8a7f
d5c1120709bee64c75afb090687d6d2c91823fd8
c478d16b6d184b504906568b1f3dd5bdb0fdd9103bd6d1f68639467b4983e401

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Nov 2023 14:55:04 GMT
content-security-policy: script-src 'nonce-qkm7qSrFwyKwtI-BHIE4Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

metamaskonline.xyz/js/webfont.js

188.114.96.1

200 OK

13 kB

URL GET HTTP/3
metamaskonline.xyz/js/webfont.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (2134)
Size
13 kB (13188 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/webfont.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-3384"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PupdUCqyAV1rEkMbrq8yUSTdCvT0F%2F9X%2BXWa7LhuuU6BID%2FjV0uzKY2k86Nz6TnBx7y04eX4utzHsKJ9XeGfmokXKPaKL18uktX6ip%2FNYTvNK8Z4H5kLiKSznTOvAaYM3haVz0U%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ec92956a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/images/mm-logo.svg

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
metamaskonline.xyz/images/mm-logo.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/mm-logo.svg HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Jan 2022 00:12:12 GMT
etag: W/"61e8a8dc-2ef3"
cache-control: max-age=14400
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dmBGMBS1J6A7ilp5VKZ2ZT7vY0s%2FyG3CU%2F%2BJ4BNZzw8MTs90c1teKiGvtwwbhhm1MhzXneP%2F3Qy2ztj3mSF5gn7cnQdeanzcZfP8iGA%2Fu6dsVLoGoJqNTZgZQIixT68v0n8Y%2BG8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec92e56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/js/v2.js

188.114.96.1

200 OK

577 kB

URL GET HTTP/3
metamaskonline.xyz/js/v2.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type

Size
577 kB (576932 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/v2.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:02 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-8cda4"
expires: Thu, 16 Nov 2023 02:55:01 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L6dQZGuVudHxn8shv27oqV48VgJ4%2BEWiVutk%2Frz5CbJhD42ASkCVvv%2FwV9eU2b96r6u6ju0q1%2FANcLGiC9nY2o8k1mkEqsZ0iLXNhY86RhbMu0RbIzlpnN%2FZXfpM89Er5vkv7j8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ed95056a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

142.250.74.163

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamaskonline.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 14 Nov 2023 21:37:08 GMT
expires: Wed, 13 Nov 2024 21:37:08 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
content-type: font/woff2
age: 62273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamaskonline.xyz/js/enterprise.js

188.114.96.1

200 OK

1.0 kB

URL GET HTTP/3
metamaskonline.xyz/js/enterprise.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (1011), with no line terminators
Size
1.0 kB (1011 bytes)
Hash
f565ad01ef85ebe1ffbfa97f91a960c4
a8636143698b1981c2f7c482dad7aa2ac07e4ed2
c8767e2f7a52c171fe807dc80a53bc334a0700e9e38ad28245d6e16d9101c26f

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/enterprise.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
etag: W/"61e8a920-3f3"
expires: Thu, 16 Nov 2023 02:55:01 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6qYb0UGZZYkls48y7IqnBoBjw7iIn3Udiaj5M2Z96rqoayuvBsBGSBnF2XpO5TsYGQkwG269NsQ7i8yOPOMsSyfR9ssbyhR4qzDvc9xI6uxiX%2F43NyJ%2F1TBHsX2kA5aIZeO5sM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec92c56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/fGZmEzpfeSeqDJiApS_XZ4Y2/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 08 Nov 2023 21:37:43 GMT
expires: Wed, 15 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 580640
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AFcWeA7Q2G_8xvb63OWiSDD3aRaj_WDTohuFHdhevBKLD-_EXXc4jKs7Nj4n_riHym3Aybl-8SD0FWiiMZuvDizMiENh1qeUUx7Zb0pEYWpAtwR4o0TTdT9Kn2bYHueeGf7wXSOWnJdvB935XLcxAMR18aSqotnFj9ZQZRye-4QU44TLwJ3-02slfjcEztMXuMUUVhqjPQu7&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

27 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AFcWeA7Q2G_8xvb63OWiSDD3aRaj_WDTohuFHdhevBKLD-_EXXc4jKs7Nj4n_riHym3Aybl-8SD0FWiiMZuvDizMiENh1qeUUx7Zb0pEYWpAtwR4o0TTdT9Kn2bYHueeGf7wXSOWnJdvB935XLcxAMR18aSqotnFj9ZQZRye-4QU44TLwJ3-02slfjcEztMXuMUUVhqjPQu7&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
27 kB (26798 bytes)
Hash
26df4933662cb3060d098c30f0b29942
a5decf1bf6a4ef6bd1996fe6345f05b6c55555b7
21b0aa40a6f4fdd2e657b68b6d428c07bbaa5cbfa43024972f8d8f705835af33

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AFcWeA7Q2G_8xvb63OWiSDD3aRaj_WDTohuFHdhevBKLD-_EXXc4jKs7Nj4n_riHym3Aybl-8SD0FWiiMZuvDizMiENh1qeUUx7Zb0pEYWpAtwR4o0TTdT9Kn2bYHueeGf7wXSOWnJdvB935XLcxAMR18aSqotnFj9ZQZRye-4QU44TLwJ3-02slfjcEztMXuMUUVhqjPQu7&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09ALvilpYCylTIzbrcnpTYFYVNjpIa79DeSgQc7xwZ-BswttBStJCDw_txRqaJvkRIqg-6tclB7c8t-DWyXzqEiPU
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/jpeg
expires: Wed, 15 Nov 2023 14:55:04 GMT
date: Wed, 15 Nov 2023 14:55:04 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

metamaskonline.xyz/images/dapp-aave.png

188.114.96.1

200 OK

14 kB

URL GET HTTP/3
metamaskonline.xyz/images/dapp-aave.png
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14347 bytes)
Hash
521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/dapp-aave.png HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/png
content-length: 14347
last-modified: Thu, 20 Jan 2022 00:12:40 GMT
etag: "61e8a8f8-380b"
expires: Fri, 15 Dec 2023 14:55:01 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lQdpvl1EJ7VUWJkwHriL%2B1eg6iyA5kmWLCSW27a2HE0yB09KuFzhU9nWsaSRfEMShvrw1f7wrghqoRY7H%2Fm3vhTAQS66%2Fr0R3%2BM9rfO6x4X05Kqh3k81ISSd7Ss374OUuO0QvFo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec93656a8-OSL
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

142.250.74.163

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
142.250.74.163:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 11 Nov 2023 02:13:42 GMT
expires: Sun, 10 Nov 2024 02:13:42 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 391282
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6

142.250.74.132

200 OK

61 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52898)
Size
61 kB (61408 bytes)
Hash
8d7aa10c561a5e231746fd8613fe1a9e
4d6288c699e5b77008b9ce1f9a76f218e6e1ff9e
609144ea33382e4c3f84c3d13f6f20336fc96f41064779b5c667f6577b55a0eb

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhbWFza29ubGluZS54eXo6NDQz&hl=en&v=fGZmEzpfeSeqDJiApS_XZ4Y2&size=invisible&badge=inline&cb=22na4wo5ylm6 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 15 Nov 2023 14:55:03 GMT
content-security-policy: script-src 'nonce-UEazD2gwA1bN3XSm2_37zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

metamaskonline.xyz/images/wallet-illo.svg

188.114.96.1

200 OK

36 kB

URL GET HTTP/3
metamaskonline.xyz/images/wallet-illo.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199)
Size
36 kB (36437 bytes)
Hash
63ad7f01f67accd6aafb47999640abe5
5ed10575a1a39d5b02840416a281fb1e655bd423
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/wallet-illo.svg HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Jan 2022 00:12:38 GMT
etag: W/"61e8a8f6-8e55"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uAInAOEw5jJBYevT7iwugIeKMBbrtXNJ7fsXvF2C4%2B4T2l%2FYnlGVniJUjm8h2QjgeebVcwe7wprGUKPfqNm6emXOGxeD5DsicqmGS6tTzvlpXUsAPf4FGu7TmLgNuq2zhOEDW8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec93056a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/js/jquery-3.5.1.min.dc5e7f18c8.js

188.114.96.1

200 OK

90 kB

URL GET HTTP/3
metamaskonline.xyz/js/jquery-3.5.1.min.dc5e7f18c8.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-15d84"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25801
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Rbn0ybBygxWJPr7ZUBStZCi3M8BMzHIQ45o4dEzuYliPyQmHxI%2FWG0cnl6YsCoeo9tpt2%2BcA5%2FSMrg%2FsYt1%2B0EULBWVlIuRRsLIYeDoi71MtJKW7GC4ibTu2ZWmMo%2BfHXFvIy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ed95256a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js

142.250.74.35

404 Not Found

0 B

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamaskonline.xyz
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Wed, 15 Nov 2023 14:55:03 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamaskonline.xyz/images/Browse-illo.svg

188.114.96.1

200 OK

28 kB

URL GET HTTP/3
metamaskonline.xyz/images/Browse-illo.svg
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Size
28 kB (28164 bytes)
Hash
afeafb6a9f14bd7771c63015be5a05c9
78683c75d81cf80440f083e9fb4bb2987748e290
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /images/Browse-illo.svg HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: image/svg+xml
last-modified: Thu, 20 Jan 2022 00:12:38 GMT
etag: W/"61e8a8f6-6e04"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15noH63MX7%2B5ErCBsPcNGlH8QRmSp3lV%2FZgL1yqwQSPX1I9Ulekbfn0hDiCRreNjVo3lfQ7GYajN7qxpP6e0SA9rSKrtbqLyObMOtcnY8qHmPrQOS4Qd2hwYaYNGXYmoF0CyK9I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8268552ec93556a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/z_stat-1280416669_1280416669.js

188.114.96.1

200 OK

12 kB

URL GET HTTP/3
metamaskonline.xyz/z_stat-1280416669_1280416669.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (11743), with no line terminators
Size
12 kB (11743 bytes)
Hash
e1be54869a16611acffff9f5f8883daf
df0fc0ae677ba0cd5c21994a8b5189cd5fc425a7
02ba8db5232b3810e186d5f70f7be20d172dfb3b03803937fe0cb442c5bccf1d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /z_stat-1280416669_1280416669.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-2ddf"
expires: Thu, 16 Nov 2023 02:55:01 GMT
cache-control: max-age=43200
cf-cache-status: REVALIDATED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzufYaIzLCqZ7YjHmH62LhuK174%2F4Hq%2B9hoH7OSSTJlFmXL27eMXLKQmPbOSBKdtHZCLvM7DAHHaoo6M96WhtRVPBCZCs4J0S2bg8iFbOpdhwBMh%2B70l322HhnUJTaYiX432nSk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552ee95c56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/css/normalize.css

188.114.96.1

200 OK

7.8 kB

URL GET HTTP/3
metamaskonline.xyz/css/normalize.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (8147), with no line terminators
Size
7.8 kB (7772 bytes)
Hash
21240e0cead3210a28555c3fa89acab0
486fbbc9a997da04985e8ffb5b52e74e0a6f35ea
2881f1b580116868946ef393e44e46ce9ec94fda36f6d1eb840290671830db6a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: text/css
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-1e5c"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dMeqLmK6b2%2BaiDrx%2BMtV2q26KVEfJfGMY1Vf1Llk%2BF%2FmWoh3EeEZaa4TyATZwpid4e988JoyrMwsZn3icSRjZLkHy3KW0uj4ThN6oDOo1x6X3A%2Bqo8YPrz2C4k8%2FpcjpHMcAr5I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552eb92356a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/js/analytics.js

188.114.96.1

200 OK

50 kB

URL GET HTTP/3
metamaskonline.xyz/js/analytics.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (1325)
Size
50 kB (49529 bytes)
Hash
876c0f150943aff8b256da31f79ac00e
b54a0b23c420cc5a9e491cbb3817ecdb65e81991
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/analytics.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Cookie: _ga=GA1.2.2112339741.1700060101; _gid=GA1.2.1431720559.1700060101; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:01 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-c179"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25803
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3U1qffyUREBgDO3Sg8H2JoZnki5bjNxsrXfKKiJe4uG8%2BHX40r%2FXUI%2F8p7%2Br7IKzSvIIJhyXzGXKcIxmdVNMFgt196vH2ko0wMTdCIzX5gQHm%2F1Auf%2FFSYG3Ihk3MAdIe2a1Rd8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552fca1c56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/css/metamask-staging-2.webflow.css

188.114.96.1

200 OK

136 kB

URL GET HTTP/3
metamaskonline.xyz/css/metamask-staging-2.webflow.css
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text
Size
136 kB (136311 bytes)
Hash
a2bec8bcf2d4e18af8c9891c48ea1baa
ee9cbb2dbc10d733644ffb9484d960658511e2fd
fe6a6b9d959300e239c7411474bddd8078da03c949eeb1e165d500bb92a389ff

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /css/metamask-staging-2.webflow.css HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: text/css
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-21477"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XwCzy9T6LuQ3S9qfSSG81BKiqKmYGYnLcrIOxOOySFNler%2FImnaqh1qBVTgNIYnunLlZIy7xyyF6JBXsWO3dVcVotAo3b42pqbpkrMiH6tj6j%2FEOclkanecT3b0%2F3UDE0YJSs0M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552eb92656a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

metamaskonline.xyz/js/analytics.js

188.114.96.1

200 OK

50 kB

URL GET HTTP/3
metamaskonline.xyz/js/analytics.js
IP
188.114.96.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamaskonline.xyz/
Certificate
IssuerGoogle Trust Services LLC
Subjectmetamaskonline.xyz
Fingerprint36:24:16:75:19:56:29:36:07:7B:48:6B:A5:72:45:A8:2D:68:85:EA
ValidityTue, 14 Nov 2023 11:37:08 GMT - Mon, 12 Feb 2024 11:37:07 GMT

File type
ASCII text, with very long lines (1325)
Size
50 kB (49529 bytes)
Hash
876c0f150943aff8b256da31f79ac00e
b54a0b23c420cc5a9e491cbb3817ecdb65e81991
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/analytics.js HTTP/1.1
Host: metamaskonline.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamaskonline.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Wed, 15 Nov 2023 14:55:00 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 00:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8a920-c179"
expires: Wed, 15 Nov 2023 19:44:58 GMT
cache-control: max-age=43200
cf-cache-status: HIT
age: 25802
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7MOYU3d1Tt%2FgeedmQrxvd%2FaXRyizHtLKr26uLhxjFg1NIZK5xCkKhpitqqawUhwximuL5CaRHfKfQ5NS4Y1TMSYjjn5Kugfou2u951cvH5InvsX2qxIQE25XZZvpsy8JBu2YX%2FY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8268552eb92856a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by