Report - metamask.io.merge.reef.co.ke/

Report Overview

URL

metamask.io.merge.reef.co.ke/
IP

5.9.235.235

ASN

#24940 Hetzner Online GmbH
Submitted

2023-01-15T19:36:52Z

Access
Tags

crypto phishing
urlquery detections

Phishing - Generic Crypto/Wallet

Detections

urlquery

26
Network Intrusion Detection

0
Threat Detection Systems

11

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com (1)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341	797	93.184.220.29
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	44.238.9.41
ocsp.sca1b.amazontrust.com (1)	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350	944	143.204.42.165
fonts.gstatic.com (3)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1363	147118	216.58.207.227
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	35.241.9.150
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	391	34.117.237.239
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	51521	34.120.237.76
metamask.io.merge.reef.co.ke (25)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	8457	1344796	5.9.235.235
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
r3.o.lencr.org (5)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1690	4430	23.36.76.226
fonts.googleapis.com (1)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	408	1388	142.250.74.106
www.gstatic.com (2)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	944	4158	142.250.74.35
cdn.ethers.io (1)	459220	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	385	540	54.230.111.14
ocsp.pki.goog (4)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1372	2796	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet
2023-01-15	medium	metamask.io.merge.reef.co.ke/	Crypto/Wallet

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (54)

URL IP Response Size

metamask.io.merge.reef.co.ke/

5.9.235.235

200 OK

2938

URL HTTP/1.1

metamask.io.merge.reef.co.ke/
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text

Size

2938
Hash

a2d4bc164ed35f0e8ab9a24a8d78d2ba

23b05632d6673e53091a9423a58cb5c9e287a8cc

f1526c918214e606e6d02f5c5f5ae7a78391de99d09e2d07d70e041dda13ee91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET / HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Tue, 20 Sep 2022 01:07:28 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2938
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

3063227f59d1935298b0620fa7919145

478e1d8bef04b1f95381cac01829c03b6779d420

619281d3b9753bc6d2845786da75e8566687362769517aacf90f953ffbb8407c

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "619281D3B9753BC6D2845786DA75E8566687362769517AACF90F953FFBB8407C"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2331
Expires: Sun, 15 Jan 2023 20:15:32 GMT
Date: Sun, 15 Jan 2023 19:36:41 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

2258cd6b877a3aca8f4c84074e65ac4b

4e46c70941f8e497e8afc8d078644e7f81761a1c

faac4e0d123f2112b58953c104ea746cd53047fc1ada0ef5d669feecf78ddfff

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAAC4E0D123F2112B58953C104EA746CD53047FC1ADA0EF5D669FEECF78DDFFF"
Last-Modified: Sat, 14 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2954
Expires: Sun, 15 Jan 2023 20:25:55 GMT
Date: Sun, 15 Jan 2023 19:36:41 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

30db107dcf4380cef05efea409c2e6a3

96e6a306fbc07299aba64e5c14e2bfca35872fa9

b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 15 Jan 2023 18:42:08 GMT
content-type: application/json
age: 3273
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

f7bd85a261739c122eefb74ffddaec99

e2e059b0740592e8591d432249aafe5fcb8af23c

71bdd130b8d143f228542f678e91c98ab4e5844fb9f47b036e15372660be25fd

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "71BDD130B8D143F228542F678E91C98AB4E5844FB9F47B036E15372660BE25FD"
Last-Modified: Sat, 14 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4116
Expires: Sun, 15 Jan 2023 20:45:17 GMT
Date: Sun, 15 Jan 2023 19:36:41 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

7b922915ebf1fa3639b333f994c74f24

144a3f80b98fd0652d4614f24cf6cbbee40f8938

adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: BwpgUl+bLbkprfMj83zX32Futju/3NB4FkWmrJQOdXYkgtDvXhh510eKQtM43AIMtGtB4sJv3ug=
x-amz-request-id: 390A0RGF1ECTDWC4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 15 Jan 2023 18:44:16 GMT
age: 3145
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Sun, 15 Jan 2023 19:36:41 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

metamask.io.merge.reef.co.ke/meta/normalize.css

5.9.235.235

200 OK

2633

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/normalize.css
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

2633
Hash

74b55c54efadbc58b06a6042cc858472

127ffb851c8bb77bf00de3280d0e078571704de7

435035717bcd1da635fd11e9d0d22c40d2753c48383b1728f66bfd1607bcd54a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/normalize.css HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 15:30:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 2633
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

83579ff88cab4d4d05d4741599104d9c

fe74c219f8655a4ca36fe397884e55ab63d1288a

a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io.merge.reef.co.ke/meta/plx.chock.js

5.9.235.235

200 OK

312

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/plx.chock.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

312
Hash

f8a281c232ca490b0fb6a69a0a69aa93

8586880ea6c9a49dd4b2b45ee6f7eff01c5c7683

4acac0377cad7da2cbf6e18c4e9096e95484429bf4589b472bbc276c43b6110e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/plx.chock.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:38 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 312
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/tag.js

5.9.235.235

200 OK

7583

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/tag.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (21652), with no line terminators

Size

7583
Hash

030e152d0cbf5d9c345726676e20f490

d39cd836763535ada905adb47e4d028a80f51849

01cb61852e9ab6166e2651c568c84e93d2dd80a7296b26d2f0539e5dc614787f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/tag.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:44 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 7583
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/css.html

5.9.235.235

200 OK

274

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/css.html
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

274
Hash

a0a15fba936f518c2c1c071b0089c64c

6f8526c13dda4943229b9535931f8a6fd169da3a

6e9864f7491582647d88fee2b9503d22fc8735f673bb9be1809437c11af8af96

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/css.html HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
last-modified: Wed, 22 Dec 2021 15:30:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 274
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/enterprise.js

5.9.235.235

200 OK

617

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/enterprise.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (1008), with no line terminators

Size

617
Hash

d81ef5cb351ba48ede3354fa5248ce44

9a08bcf54317bb24610116e0650b520b32dcb7e3

69e117e70a745175180e8c577cec146b059da38bfd77265a8544cfc78a51e32b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/enterprise.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:24 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 617
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/webfont.js

5.9.235.235

200 OK

5431

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/webfont.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (2134)

Size

5431
Hash

f2e75ef01e8ce9b37cec75250d84e8bf

76e367a654e7cdaa51872ab26a31eb96605b4544

4a40bdcd270c0a713cc75ff940ab738302bb466ad84bd39780d96dfb77bfedde

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/webfont.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5431
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/analytics.js

5.9.235.235

200 OK

20110

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/analytics.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (1325)

Size

20110
Hash

f6172b83fb5bcd8fadd246270f6e7948

910ba56b59eac08dd3461bbf81a19378028b2664

62559499e80252ed5f16b8d9972825db8479ad069a5f3e63a82c37a0d9d4ce91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/analytics.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 20110
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/webflow.css

5.9.235.235

200 OK

9350

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/webflow.css
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

Unicode text, UTF-8 text, with very long lines (2587)

Size

9350
Hash

d143e827e4004f5af028b3c37e3748dd

7531565e84fd2011b5ca8a9b179ecdd4b65d89b6

f425ff60551250b2f1dc6a40d92d5ab84847781d370740a945b6b8f1866c4e84

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/webflow.css HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 15:30:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 9350
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

83579ff88cab4d4d05d4741599104d9c

fe74c219f8655a4ca36fe397884e55ab63d1288a

a492a770e88739fac8094f7b73f87474cee4ad2ccbf9f1963b935474544ef3f9

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io.merge.reef.co.ke/meta/jquery-3.5.1.min.dc5e7f18c8.js

5.9.235.235

200 OK

30970

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/jquery-3.5.1.min.dc5e7f18c8.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (65451)

Size

30970
Hash

21ab05a6dc4822c20e4f8e617d59503e

0431002ed053581f86ceeca6589f3b3fc039d1ee

d55c3c4566cd69b2af1ac0ef1f24f7d9e781bd67701c2e84a2300a8464636b34

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:32 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 30970
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/storage.secure.min.js

5.9.235.235

200 OK

13331

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/storage.secure.min.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (38562), with no line terminators

Size

13331
Hash

3d92102abedfdb24487dce53034d530b

98a4881577f81b625bc08bf33331295fd996df48

b6df362a0fb0fa4eb5c3e8724f44a5a483550e971d2ff3131c82efcfb7d262a2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/storage.secure.min.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:42 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 13331
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/webflow.js

5.9.235.235

200 OK

147063

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/webflow.js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

Unicode text, UTF-8 text, with very long lines (50020)

Size

147063
Hash

8a4663ee78192e5c9506c2a338ce7723

dba17ca619195bfb7ff1a1b55d196bff2029b89f

f2892479732a4c07ecece62f4c8f12fd9ade7fab06766368a9c87f3bbe96dd59

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/webflow.js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: application/javascript
last-modified: Wed, 22 Dec 2021 15:30:46 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 147063
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/metamask-staging-2.webflow.css

5.9.235.235

200 OK

17590

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/metamask-staging-2.webflow.css
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text

Size

17590
Hash

53ff35d49ab5d2089b65f13389233f86

cf1714af3125e0fc6b07408fa4269ab003baa162

509ea7e5aac1909a1a0b328b497e47f04cd10eaa3927e65a37cf1900bea5996f

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: text/css
last-modified: Wed, 22 Dec 2021 15:30:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 17590
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/mm-logo.svg

5.9.235.235

200 OK

3289

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/mm-logo.svg
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)

Size

3289
Hash

75536fc9d6e2f24b5d4a43206f59daea

d6b451451650bb4028e6e36562cf590370534324

1fec7292d135f29856c58b107c76d144f532a9a3b5d36acefa89ae4e3e990c61

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/mm-logo.svg HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: image/svg+xml
last-modified: Wed, 22 Dec 2021 15:30:36 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3289
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/wpp.gif

5.9.235.235

200 OK

3877

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/wpp.gif
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

GIF image data, version 87a, 470 x 40\012- data

Size

3877
Hash

941648b845842a709da73e24652cf8a4

099e5f97e602d026c51537c9b45328dc99261d7c

2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/wpp.gif HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:41 GMT
content-type: image/gif
last-modified: Wed, 22 Dec 2021 15:30:48 GMT
accept-ranges: bytes
content-length: 3877
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

642

URL HTTP/2

fonts.googleapis.com/icon?family=Material+Icons
IP

142.250.74.106:0
ASN

#15169 GOOGLE

Magic

ASCII text

Size

642
Hash

fc6bcbba175a7baa80435511022afb39

7ed69beca150dea65acd62b9c9118c303da3e93c

14c4e1ac02cd00a5d7b24ed6fa6fabca5c0e0ccc8e29efc9bf2c3918e6110fe8

HTTP Headers

                                        GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 15 Jan 2023 19:36:41 GMT
date: Sun, 15 Jan 2023 19:36:41 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

metamask.io.merge.reef.co.ke/meta/EuclidCircularB-Bold-WebXL.woff2

5.9.235.235

200 OK

44544

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/EuclidCircularB-Bold-WebXL.woff2
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data

Size

44544
Hash

9024d0bf73943172297c4628d0054e20

36c3795e7b297d06589e15ef59592683d9ed0974

88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/meta/metamask-staging-2.webflow.css

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:42 GMT
content-type: font/woff2
last-modified: Wed, 22 Dec 2021 15:30:26 GMT
accept-ranges: bytes
content-length: 44544
date: Sun, 15 Jan 2023 19:36:42 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/js

5.9.235.235

200 OK

92325

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/js
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

ASCII text, with very long lines (1815)

Size

92325
Hash

fb2ab9b8632250b0d7aa50c08150cfe1

73b3f266ac08c9fb07e1de1664fed384ccd5bc86

5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/js HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
last-modified: Wed, 22 Dec 2021 15:30:32 GMT
accept-ranges: bytes
content-length: 92325
date: Sun, 15 Jan 2023 19:36:41 GMT
server: LiteSpeed

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7900

URL HTTP/1.1

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP

216.58.207.227:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data

Size

7900
Hash

61e86e7a20ecf3ba181ca4b9a9a1cdbd

482a65cffc69109af26669d64accbef71db3b836

fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

                                        GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.reef.co.ke
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 7900
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 14 Jan 2023 19:20:20 GMT
Expires: Sun, 14 Jan 2024 19:20:20 GMT
Cache-Control: public, max-age=31536000
Age: 87382
Last-Modified: Thu, 21 Apr 2022 17:15:19 GMT
Content-Type: font/woff2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 15 Jan 2023 19:17:25 GMT
age: 1157
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

metamask.io.merge.reef.co.ke/meta/hero2.4.png

5.9.235.235

200 OK

589568

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/hero2.4.png
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data

Size

589568
Hash

d0ec70f4c666fbf6ad0d30a52d08c5c9

e48f0688bc4f592824840478d12c05df0dd12002

3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /meta/hero2.4.png HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/meta/metamask-staging-2.webflow.css

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:42 GMT
content-type: image/png
last-modified: Wed, 22 Dec 2021 15:30:30 GMT
accept-ranges: bytes
content-length: 589568
date: Sun, 15 Jan 2023 19:36:42 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/meta/EuclidCircularB-Regular-WebXL.woff2

5.9.235.235

200 OK

45196

URL HTTP/1.1

metamask.io.merge.reef.co.ke/meta/EuclidCircularB-Regular-WebXL.woff2
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data

Size

45196
Hash

2d75957df3bb3aa6ed84f6591b0d5a1a

906424e75625f63b0188471067065794d0348536

8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

                                        GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/meta/metamask-staging-2.webflow.css

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:42 GMT
content-type: font/woff2
last-modified: Wed, 22 Dec 2021 15:30:26 GMT
accept-ranges: bytes
content-length: 45196
date: Sun, 15 Jan 2023 19:36:42 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/images/webclip.png

5.9.235.235

200 OK

URL HTTP/1.1

metamask.io.merge.reef.co.ke/images/webclip.png
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /images/webclip.png HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:42 GMT
content-type: image/png
last-modified: Wed, 22 Dec 2021 21:03:30 GMT
accept-ranges: bytes
content-length: 0
date: Sun, 15 Jan 2023 19:36:42 GMT
server: LiteSpeed

metamask.io.merge.reef.co.ke/images/favicon.png

5.9.235.235

200 OK

URL HTTP/1.1

metamask.io.merge.reef.co.ke/images/favicon.png
IP

5.9.235.235:0
ASN

#24940 Hetzner Online GmbH

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

                                        GET /images/favicon.png HTTP/1.1
Host: metamask.io.merge.reef.co.ke
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/

                                        HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Sun, 22 Jan 2023 19:36:42 GMT
content-type: image/png
last-modified: Wed, 22 Dec 2021 21:03:30 GMT
accept-ranges: bytes
content-length: 0
date: Sun, 15 Jan 2023 19:36:42 GMT
server: LiteSpeed

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

6fc52c452b4176dabdd1a319c5e3fa51

e00b78bd1c6b5d71f2987fd9cdc8975804b668ae

224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8404

URL HTTP/1.1

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP

216.58.207.227:0
ASN

#15169 GOOGLE

Magic

Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data

Size

8404
Hash

141119ae119bf7ca75e10ef82f66e442

adebf435aa078db3c116cb9faae15f2ad81d3ac5

c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

                                        GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://metamask.io.merge.reef.co.ke
Connection: keep-alive
Referer: http://fonts.googleapis.com/

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 8404
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sat, 14 Jan 2023 19:20:20 GMT
Expires: Sun, 14 Jan 2024 19:20:20 GMT
Cache-Control: public, max-age=31536000
Age: 87382
Last-Modified: Thu, 21 Apr 2022 17:15:41 GMT
Content-Type: font/woff2

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

e5f9cfd32ba0e755eba2eba2bca5bc3c

012c01ac7a06da9f57e0e1c24658a4bd40e82518

ffd7fc715a11f6579f953c2f0f65128000733620fcc777cd0a4c5bb895c64ad2

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3137
Cache-Control: max-age=138141
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:36:42 GMT
Etag: "63c3c226-1d7"
Expires: Tue, 17 Jan 2023 09:59:03 GMT
Last-Modified: Sun, 15 Jan 2023 09:06:46 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.35

404 Not Found

1621

URL HTTP/2

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP

142.250.74.35:0
ASN

#15169 GOOGLE

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)

Size

1621
Hash

c90524d6a02b27addb56c350fe6fbb2d

d713d1b53323c0169ffe0649be8c9d04a189f999

4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

                                        GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamask.io.merge.reef.co.ke
Connection: keep-alive
Referer: http://metamask.io.merge.reef.co.ke/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sun, 15 Jan 2023 19:36:42 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

142.250.74.131:0
ASN

#15169 GOOGLE

Magic

data

Size

471
Hash

6fc52c452b4176dabdd1a319c5e3fa51

e00b78bd1c6b5d71f2987fd9cdc8975804b668ae

224beac380dd44474b39343d4138c0e5d8a547523eb06a1c6d6c4a893d511e63

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 15 Jan 2023 19:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.238.9.41

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

44.238.9.41:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Ml+gSFsSbN4pLkbYHe6Ouw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9k8p8VXd9cLDPAthXZfZhBR6BPc=

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

871ced6cfe919499937981d7534580e9

2e8c0fb97592bd7868be241ade707d1b38e49c34

35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2602
Expires: Sun, 15 Jan 2023 20:20:05 GMT
Date: Sun, 15 Jan 2023 19:36:43 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

871ced6cfe919499937981d7534580e9

2e8c0fb97592bd7868be241ade707d1b38e49c34

35a05f202611c548fd0768c5f1b3d749a0dd50ade93e6df29940547480c5ec91

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35A05F202611C548FD0768C5F1B3D749A0DD50ADE93E6DF29940547480C5EC91"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2602
Expires: Sun, 15 Jan 2023 20:20:05 GMT
Date: Sun, 15 Jan 2023 19:36:43 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg

34.120.237.76

200 OK

5463

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5463
Hash

9365e4ddb0fa0d3f6dbdec98433e02a9

a9e0dc338dabcdebb33b35a162b0fb6950b31ddb

cbe4cdf59e5a2f7433485637c88c3fba9c022de1c7559e42ceb9a2c8a872fd21

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6eabf5f-7d91-476e-9896-3162652163aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5463
x-amzn-requestid: 5e0c891d-c5f0-48a9-8f69-6ca2290039b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ejsaSEHpoAMFW6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63be2774-55e5f2937d688fb00a12d61b;Sampled=0
x-amzn-remapped-date: Wed, 11 Jan 2023 03:05:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Feucn9ZUPUt4-pK95m7prVHR5OhBzEuYo4CHMvwqSyHEiRfHpz-25A==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 14 Jan 2023 21:51:08 GMT
age: 78335
etag: "a9e0dc338dabcdebb33b35a162b0fb6950b31ddb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4981

URL HTTP/2

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

#1 JS:Script (size: 3393)

#2 JS:Script (size: 250)

#3 JS:Script (size: 89476)

#4 JS:Script (size: 50205)

#5 JS:Script (size: 69)

#6 JS:Script (size: 92325)

#7 JS:Script (size: 21104)

#8 JS:Script (size: 2386)

#9 JS:Script (size: 601104)

#10 JS:Script (size: 1008)

#11 JS:Script (size: 303580)

#12 JS:Script (size: 13188)

#13 JS:Script (size: 38562)

#14 JS:Script (size: 253)

#15 JS:Script (size: 21652)

HTTP Transactions (54)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

Detections

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic