r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cf14baed0842431a08367ed54f2346ca
d943be8835b7e4470e3d6fbe09ac39c5464be434
a45fbc8cdddc9f43c0c3c7d73cbb2cdf3cf4c4cd2df20802925b795da5048aa4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A45FBC8CDDDC9F43C0C3C7D73CBB2CDF3CF4C4CD2DF20802925B795DA5048AA4"
Last-Modified: Sun, 05 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4849
Expires: Mon, 06 Mar 2023 21:37:32 GMT
Date: Mon, 06 Mar 2023 20:16:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c8d3b63b0ab9c679c7a50df2ba42b497
7133ccb414f7d8040d0f4a1b1df359485a76c377
4652b9b479b50208073dbff5a0b434fe6e8a1a2c5caa6365a8c5de2ff7fd9865
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4652B9B479B50208073DBFF5A0B434FE6E8A1A2C5CAA6365A8C5DE2FF7FD9865"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4724
Expires: Mon, 06 Mar 2023 21:35:27 GMT
Date: Mon, 06 Mar 2023 20:16:43 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5034bcceb9691ad6244be6045742ab53
51e77cdc92833432cd26b13f28875791a187c63c
540637d0d69c1201dcb2dd813b40e64cd07c5bd7685d46a7bad4d437a4e7aeea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "540637D0D69C1201DCB2DD813B40E64CD07C5BD7685D46A7BAD4D437A4E7AEEA"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4801
Expires: Mon, 06 Mar 2023 21:36:44 GMT
Date: Mon, 06 Mar 2023 20:16:43 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Type, Retry-After, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 06 Mar 2023 20:08:37 GMT
content-type: application/json
age: 486
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: RMUnhZddp3bReCOdqeUVBFQ03FIgWug8zv+gPytaKz9bvQUx4z4LCd9jM8clQoZDbX4ODQqoesI=
x-amz-request-id: TG583N5PW3A9G3T3
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 06 Mar 2023 19:17:16 GMT
age: 3567
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:43 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Cache-Control, Expires, Alert, Content-Type, Pragma, Retry-After, Last-Modified, Backoff, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 06 Mar 2023 20:12:30 GMT
age: 253
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d45dab59f0138bf4bfc71cc6e2296b53
8018debbf732d125754fae84adefffd59d8f0418
8e39d0ba15e48babb949ba20a20f790b63724bc4f619170e1b0bf2b9956fce62
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E39D0BA15E48BABB949BA20A20F790B63724BC4F619170E1B0BF2B9956FCE62"
Last-Modified: Mon, 06 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 07 Mar 2023 02:16:44 GMT
Date: Mon, 06 Mar 2023 20:16:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e44d064b81b73efe46cc420f8ae34410
229b99f9754fdce4f543513a0942ba63f67dc057
69b84b87493304be0456180f60ddf01f51a96fffa86fe8dddc8dd920fb262f06
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "69B84B87493304BE0456180F60DDF01F51A96FFFA86FE8DDDC8DD920FB262F06"
Last-Modified: Sat, 04 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4800
Expires: Mon, 06 Mar 2023 21:36:44 GMT
Date: Mon, 06 Mar 2023 20:16:44 GMT
Connection: keep-alive
push.services.mozilla.com/
54.202.41.171101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.202.41.171:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4PjyjjFY3fjS5n7y+4ng4g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hN2ZkR5yj/FMgkC2niRtLPBiS7s=
images.ctfassets.net/9sy2a0egs6zh/3JXJRxl3Gbha8dkym0dRU2/22f502a27f7c9880c1e3780986a33f92/mm-shop-hoodie.png?w=1024&q=100&fm=webp
54.230.111.45200 OK 142 kB URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/3JXJRxl3Gbha8dkym0dRU2/22f502a27f7c9880c1e3780986a33f92/mm-shop-hoodie.png?w=1024&q=100&fm=webp
IP 54.230.111.45:0
File type RIFF (little-endian) data, Web/P image\012- data
Size 142 kB (142274 bytes)
Hash 90c78958eba5e0f457630103cc7434eb
c3d2506c036e31e1f571fe9b8e870570f39f6519
adce3993f837da53735612e7d94ad4508ebf94da309d92e484c5a3001db1e21b
GET /9sy2a0egs6zh/3JXJRxl3Gbha8dkym0dRU2/22f502a27f7c9880c1e3780986a33f92/mm-shop-hoodie.png?w=1024&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 142274
last-modified: Sun, 12 Feb 2023 19:57:09 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 06 Mar 2023 07:23:19 GMT
cache-control: max-age=31536000
etag: "90c78958eba5e0f457630103cc7434eb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WmnhTBSksfmKEefEqWa_zxVfuGnSCijAWGd34a3xxzmWghu0vIov8Q==
age: 46405
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
216.58.211.10200 OK 5.4 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (2134)
Hash 30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b
GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 28 Feb 2023 17:57:59 GMT
expires: Wed, 28 Feb 2024 17:57:59 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 526725
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 587b1cd8e3fa518a1784d2ccc0139a36
e1a4d4576e95660cc149c60b3655a278e6ac967b
8339b116073dcfe2280c5d98bdac9e9d15214589f0292cc9c399656f887dc628
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0b2a6c80075ac612fdd0c0db8ecc7508
816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb
f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamasl.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 12:08:57 GMT
expires: Fri, 01 Mar 2024 12:08:57 GMT
cache-control: public, max-age=31536000
age: 374868
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 0b2a6c80075ac612fdd0c0db8ecc7508
816bcd2a7acf9dbf93e52adbe3549a2945d4cbfb
f5b916b912ad2c776304ec956a0d8c6e383551ae5f4c9c15bdf82b2db499d02b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227200 OK 8.4 kB URL HTTP/2 fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamasl.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 01 Mar 2023 13:04:06 GMT
expires: Thu, 29 Feb 2024 13:04:06 GMT
cache-control: public, max-age=31536000
age: 457959
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
metamasl.net/images/mm-logo.svg
8.210.172.191200 OK 12 kB URL HTTP/2 metamasl.net/images/mm-logo.svg
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /images/mm-logo.svg HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/svg+xml
content-length: 12019
last-modified: Wed, 12 Jan 2022 10:26:26 GMT
etag: "61deacd2-2ef3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/social-35.svg
8.210.172.191200 OK 602 B URL HTTP/2 metamasl.net/images/social-35.svg
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d5e7fa6bfac5cb057e4974b17d5f0e53
fd3f64fd6b8fc6bb097bcd065337c70d8d2cef37
bcba47e61462fcaa7a59953d7af48a777438587b79faf7fcda5831cea8e9a7da
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /images/social-35.svg HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/svg+xml
content-length: 602
last-modified: Wed, 12 Jan 2022 10:26:26 GMT
etag: "61deacd2-25a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4462
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:16:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4462
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:16:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5a5ffd15937290b01c6440b1c62e0521
cfc46cb33cd50e11dedfbfe641713413bc0b6749
1f4515613d7a23a0f6572298f97291e7220f99e4f83fd9f22a7654d4a228caa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F4515613D7A23A0F6572298F97291E7220F99E4F83FD9F22A7654D4A228CAA2"
Last-Modified: Sun, 05 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4462
Expires: Mon, 06 Mar 2023 21:31:07 GMT
Date: Mon, 06 Mar 2023 20:16:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 49dbeca46074e859a5a2958fdec9b28b
c649916591826b4db490b98cbe530533818daf0d
cb33caa142deb6570ce9e8a382d7fce45ba0101cdbc65ee6319dd23693f22086
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd016e3e-cec7-484b-8151-f72ea54dc958.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7250
x-amzn-requestid: 5ae814e4-592b-4811-a724-d807b69ebd2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6hUHslIAMF26w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050ad4-051cb0632863689209d81d45;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 66AYoAs_rFJQ7dwagQyaBCAFJtuuOS3FcIgNT6es0h3cAITyEaYTTQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 2750b94b402c92287d764b5fa115a042.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:42:16 GMT
age: 81269
etag: "c649916591826b4db490b98cbe530533818daf0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9ab3964124c43755909f9891e162d3c7
c912f5fcb7985842877c76686c6bcd356b5977ff
34627773ad1d710b054986c725eb8e8a4c7d8fbac31e6724e83217dc06cfaaad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5642d287-8c21-49d9-9a11-2bfa6ee1a2f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10332
x-amzn-requestid: bcb59433-4093-4bb3-b6d3-69f5489d5ef9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6iVE07oAMF28A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050adb-757a083b7be05f886d8d6edc;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 034zEZAbWUmixhooZf4KqxdabRAyWiMDzsMzTkNX29m1SZjQqiWywQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:07:33 GMT
age: 79752
etag: "c912f5fcb7985842877c76686c6bcd356b5977ff"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4726917eabc29a977873ad26e264e70d
4619a0418ee08d6618ead537f31823c98f355b5a
d3c6b43d46ccff30f0003a063b6c4c78d4a782262bfdeb138e6c015555ce2dcb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0c3b178-ee57-465b-aa8c-fb6f93e35cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3381
x-amzn-requestid: 8b89e7ab-b8b3-45cd-af3a-cc419e61f1fc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: A-PNPFynoAMFn8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63fbf8ba-616bedc230d1c2b13a09beae;Sampled=0
x-amzn-remapped-date: Mon, 27 Feb 2023 00:26:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: Qd5FIKUZwnnKiIzEnrA7ZcC_yWa9_iP1r7xUaCP4f6I7m_z3ChB-2A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 06 Mar 2023 07:29:19 GMT
age: 46046
etag: "4619a0418ee08d6618ead537f31823c98f355b5a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02cd95c30a65a0c80928e653abedeefa
1099ae20c50109211fc9318ece50a784fec998f9
08162a68f91d9149ace613460e3dfae80ceac1dbe505c79642138032100335bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c09ef55-602f-4eb8-aa1a-e701b5dc7903.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6155
x-amzn-requestid: 99998e44-c2f0-4973-bede-44c33036ba4d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7U7HA-oAMFQww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050c1f-7f8fe3f96531b57c69584754;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:39:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: zEWUxG77GT-uaewuPLzCl7DptXf5xbmQtBX7_tEaichah3kC3tmKAA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:16:07 GMT
age: 79238
etag: "1099ae20c50109211fc9318ece50a784fec998f9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb850def5-99d3-4f6a-83a2-cb16c6c4be47.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb850def5-99d3-4f6a-83a2-cb16c6c4be47.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d67c185d6a94b7d93dcf9af199539b8c
805a844ea7d731cc97433a48e912027925a5c0f1
87ab47d3644b7e2fce69fbcbec55444dcd19e32dd7597940ffab8a930abb87e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb850def5-99d3-4f6a-83a2-cb16c6c4be47.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5820
x-amzn-requestid: 25ee5ea9-e962-422c-bc73-238524fb9380
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU7HfFwGoAMFkIg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050bc9-06a45cc27b2710241bdad1f2;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:38:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: cHdUytqXAWNk58mDX-Jqtq-FbEBxDvhjsGyKktA4N4GxTsmzVrS6eg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 21:44:04 GMT
age: 81161
etag: "805a844ea7d731cc97433a48e912027925a5c0f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69536c57b14c2419255e2386dd07e825
dbae31696a00f5f6c8495de0983ff8a08e77f970
7e09f086bc5f848e3ff503a2ab61392a57a0149af47f20415e5adeb2408e02e5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdccd2ce9-584e-47ab-93bf-abf8287b821e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8161
x-amzn-requestid: c9201eea-8216-4a14-803c-b947465f327c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: BU6k1GA4oAMFpkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64050aeb-4c2595df7964fd650a9de81f;Sampled=0
x-amzn-remapped-date: Sun, 05 Mar 2023 21:34:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: QmcXVosHU7BBbvg9sgjmx-h4g8OCN024Oj-VkOUc0GdMgaF0WesCJg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Mar 2023 22:21:04 GMT
age: 78941
etag: "dbae31696a00f5f6c8495de0983ff8a08e77f970"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8013cd1bdb7caff057f18dd261bf96c
c88b2b2adeea35e692d3a0337e9eac3c51d2b3df
c74e4ee09dc585f7a2f92ec01c406d5450db86efbb692937690dccfb07f527ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp
216.58.207.214200 OK 18 kB URL HTTP/2 i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp
IP 216.58.207.214:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d288755975f12c1b804cce683a56b56b
af27df3ca58c18ccfa231b3ad5089e11b29fb4e1
f27731898ea8846c9a9f428fb8cbe2da7c832a4bb6032af7b4b7f0c64f81de55
GET /vi_webp/YVgfHZMFFFQ/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 Mar 2023 19:10:20 GMT
expires: Mon, 06 Mar 2023 21:10:20 GMT
cache-control: public, max-age=7200
etag: "1582837014"
content-type: image/webp
vary: Origin
age: 3985
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8013cd1bdb7caff057f18dd261bf96c
c88b2b2adeea35e692d3a0337e9eac3c51d2b3df
c74e4ee09dc585f7a2f92ec01c406d5450db86efbb692937690dccfb07f527ec
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
metamasl.net/js/config.js
8.210.172.191200 OK 122 B URL HTTP/2 metamasl.net/js/config.js
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash 80aac51679dfa93c27116c77f31e0d08
ef1eec309d3780e7143003b0f9f80205a3468ebe
9f24d6cce1f302c3ed89ff22dcd9e55b01451c55c4b6b799033c55706e2417d9
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /js/config.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
content-length: 122
last-modified: Sun, 01 Jan 2023 03:15:01 GMT
etag: "63b0fab5-7a"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/js/main.js
8.210.172.191200 OK 616 B IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash 3c8ca1d085fe9f44bb8ab0357a77e694
5d75c7efd2073b7334c51be78ea7787883decb72
c05db82e69999e0e38ee2b117cfc69738c4a4b26c32d7788c04157fc90ef65d7
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /js/main.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
content-length: 616
last-modified: Wed, 28 Dec 2022 13:18:55 GMT
etag: "63ac423f-268"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/wallet-illo.svg
8.210.172.191200 OK 36 kB URL HTTP/2 metamasl.net/images/wallet-illo.svg
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199)
Hash 63ad7f01f67accd6aafb47999640abe5
5ed10575a1a39d5b02840416a281fb1e655bd423
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /images/wallet-illo.svg HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/svg+xml
content-length: 36437
last-modified: Wed, 12 Jan 2022 10:26:26 GMT
etag: "61deacd2-8e55"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/Explore-illo.svg
8.210.172.191200 OK 37 kB URL HTTP/2 metamasl.net/images/Explore-illo.svg
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1527)
Hash 46fb450c5ecf6da758bca0975551f056
629157e884b450ecf5a94d38d736db3c7428245f
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /images/Explore-illo.svg HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/svg+xml
content-length: 36835
last-modified: Wed, 12 Jan 2022 10:26:28 GMT
etag: "61deacd4-8fe3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/Browse-illo.svg
8.210.172.191200 OK 28 kB URL HTTP/2 metamasl.net/images/Browse-illo.svg
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Hash afeafb6a9f14bd7771c63015be5a05c9
78683c75d81cf80440f083e9fb4bb2987748e290
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /images/Browse-illo.svg HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/svg+xml
content-length: 28164
last-modified: Wed, 12 Jan 2022 10:26:28 GMT
etag: "61deacd4-6e04"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-aave.png
8.210.172.191200 OK 14 kB URL HTTP/2 metamasl.net/images/dapp-aave.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash 521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-aave.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 14347
last-modified: Wed, 12 Jan 2022 10:26:28 GMT
etag: "61deacd4-380b"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-axieinfinity.png
8.210.172.191200 OK 43 kB URL HTTP/2 metamasl.net/images/dapp-axieinfinity.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-axieinfinity.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 42713
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "61deacd6-a6d9"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-compound.png
8.210.172.191200 OK 11 kB URL HTTP/2 metamasl.net/images/dapp-compound.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-compound.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 11355
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "61deacd6-2c5b"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-gitcoin.png
8.210.172.191200 OK 8.0 kB URL HTTP/2 metamasl.net/images/dapp-gitcoin.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-gitcoin.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 7998
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "61deacd6-1f3e"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-maker.png
8.210.172.191200 OK 6.9 kB URL HTTP/2 metamasl.net/images/dapp-maker.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-maker.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 6852
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "61deacd6-1ac4"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-opensea.png
8.210.172.191200 OK 6.5 kB URL HTTP/2 metamasl.net/images/dapp-opensea.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-opensea.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 6533
last-modified: Wed, 12 Jan 2022 10:26:32 GMT
etag: "61deacd8-1985"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-rarible.png
8.210.172.191200 OK 6.8 kB URL HTTP/2 metamasl.net/images/dapp-rarible.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-rarible.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 6840
last-modified: Wed, 12 Jan 2022 10:26:32 GMT
etag: "61deacd8-1ab8"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/images/dapp-uniswap.png
8.210.172.191200 OK 10 kB URL HTTP/2 metamasl.net/images/dapp-uniswap.png
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
quad9 Sinkholed
GET /images/dapp-uniswap.png HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: image/png
content-length: 10268
last-modified: Wed, 12 Jan 2022 10:26:32 GMT
etag: "61deacd8-281c"
expires: Wed, 05 Apr 2023 20:16:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamasl.net/
8.210.172.191200 OK 63 kB IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash 45f132ebac43505c282bde3922236f94
90db798c9cd99a5cf3d00d3912d60f1162ba93b9
47b983deef821224df5a1c17f7f84f4651a3e2e38fd249ed5b21a118065d6e9e
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: text/html
last-modified: Wed, 28 Dec 2022 13:22:26 GMT
vary: Accept-Encoding
etag: W/"63ac4312-5e9c"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
metamasl.net/gtag/js.js
8.210.172.191200 OK 84 kB IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Hash 7c8e11dbdba70983f44f6587740baa0b
6579c5876987cc6f7a3361d8aa14ab6958c0ca0a
6d5d8e381ef40f90502d1c6ffb492baca828dc27b6bd089aba6dc07d8917fddf
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /gtag/js.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
vary: Accept-Encoding
etag: W/"61deaed4-16c65"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
104.16.86.5200 OK 3.8 kB URL HTTP/1.1 forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP 104.16.86.5:0
File type Unicode text, UTF-8 text, with very long lines (12508), with no line terminators
Hash 2de98e6ef1ea3cebea120db29863804c
ae6a20530e8034e0027d2289f54d9ead51475c5f
542ac5a0bee8fdf9e77590db7d2b8a2cd5f6f0bfe3ed0f148f7cbf816d99c84a
GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:46 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2BC7288EC06D885F1D8440AAB0902B03F8E3F62821000000000000000000
X-Origin-Hublet: na1
Vary: origin
X-HubSpot-Correlation-Id: dc218a33-49ca-4ac1-97f2-c69f0aaae6ce
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 7a3d4741fddc1c16-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
metamasl.net/css/metamask-staging-2.webflow.css
8.210.172.191200 OK 613 kB URL HTTP/2 metamasl.net/css/metamask-staging-2.webflow.css
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Size 613 kB (613133 bytes)
Hash da01e2eb0cdb189bcaef3385a3e91e24
9813039bb278a5b92ebd7af01a53625eb2ec3b75
55349c236561cccb1deba46b98b612f0619e514ae9ee584413f08ddb14940fe8
Analyzer Verdict Alert openphish Crypto/Wallet
quad9 Sinkholed
GET /css/metamask-staging-2.webflow.css HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: text/css
last-modified: Sun, 20 Nov 2022 11:00:48 GMT
vary: Accept-Encoding
etag: W/"637a08e0-228d7"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash ca02e49637cae70036c1ba7262fc0f8b
47bf57169b3d8745b71b6fa0b5f45f95c93c8e14
308bed9f5e7535b310b5ef72083154ca2d5b15f8ec4480e028e83f0849a43ca4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
216.58.207.228200 OK 612 B URL HTTP/2 www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP 216.58.207.228:0
File type ASCII text, with very long lines (1008), with no line terminators
Hash d1234c687aa3a239fe0abcc93075cef8
25b67ad8c757f42298c708cf328e521f4142e529
7b2f6124f0460df9c9cd92ef30dc69c0dde33b161c388972399d0548e5aba6bd
GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Mon, 06 Mar 2023 20:16:46 GMT
date: Mon, 06 Mar 2023 20:16:46 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 612
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 88cbc6aea2d9cf4e31579e42cf911fd0
6d3ce6aff3dc9454118cfacdc7f422f3fed83ee7
437586bc85d574c31c56a0ab07b2d44a5299512fdd04cc3ec64abb3b184d485d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash fed02b60cdde629ed9682f466ed27c05
ca8a522c9deb45527119e5d243ddb316a0e22a44
0d653eca33ea40a8bcaf632dd27528d1ff4f3dfeb6497952edd530241f1cf69e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
142.250.74.35200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
IP 142.250.74.35:0
File type HTML document, ASCII text, with very long lines (839)
Size 165 kB (164689 bytes)
Hash 7f27adb1216e4ddb02884fd68a1ec297
a33a85dfc58ca995fa184035b8fdb896866c361f
aeea36b977f073b902c2c5536b21f43e931fc2ac5ba3601db228e686457e9bc8
GET /recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamasl.net
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Mar 2023 08:44:27 GMT
expires: Fri, 01 Mar 2024 08:44:27 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 387139
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.110200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.110:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Mon, 06 Mar 2023 19:53:25 GMT
expires: Mon, 06 Mar 2023 21:53:25 GMT
cache-control: public, max-age=7200
age: 1401
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
metamask.io/images/favicon.png
185.199.111.153404 Not Found 16 kB URL HTTP/2 metamask.io/images/favicon.png
IP 185.199.111.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Hash cacbf3aaf35ddbd6239d21578eaf2c1d
dd3d869b8b2e7313c936aeca76d0ce3e345263cd
82656a0acd67ca89c195b9698aba80c926b667970d3e5f946fbf108741bd3e28
GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64056dd5-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: CB66:FDFA:12F2BF:138C7E:640646D7
accept-ranges: bytes
date: Mon, 06 Mar 2023 20:16:46 GMT
via: 1.1 varnish
age: 855
x-served-by: cache-bma1683-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1678133807.917842,VS0,VE2
vary: Accept-Encoding
x-fastly-request-id: b95f2b5c0ab6c31ef85c8060483548929a1ad616
content-length: 15765
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 6a978ac8c366c3cdf5cac7d419da1a7a
171eb20796df2bca7bce102943c1899a93c8f5d1
5cdc16c95770061422fb14c5d5d687bc5c8e2f3b250c481f688a36d4ec7b6aa5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 06 Mar 2023 20:16:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
metamask.io/images/webclip.png
185.199.111.153404 Not Found 16 kB URL HTTP/2 metamask.io/images/webclip.png
IP 185.199.111.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Hash cacbf3aaf35ddbd6239d21578eaf2c1d
dd3d869b8b2e7313c936aeca76d0ce3e345263cd
82656a0acd67ca89c195b9698aba80c926b667970d3e5f946fbf108741bd3e28
GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"64056dd5-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4A40:27C7:140285:14A7EE:64064A2E
accept-ranges: bytes
date: Mon, 06 Mar 2023 20:16:47 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1683-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1678133807.928088,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: f2e3570c6826c61cb9679a94c5a2404db4237e1c
content-length: 15765
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 0984263b51465a36fe80c73be7b90837
0d67d34487f9928937b44b87687d64cf2289a182
7fa6251d2fcd5439510d5b2a7b9516bcaa17a4d753cf379ad7feeaba808a4043
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 04 Mar 2023 18:35:01 GMT
Expires: Sat, 11 Mar 2023 18:35:00 GMT
Etag: "0d67d34487f9928937b44b87687d64cf2289a182"
Cache-Control: max-age=425292,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d47458833b51e-OSL
metamasl.net/js/jquery-3.5.1.min.dc5e7f18c8.js
8.210.172.191200 OK 200 kB URL HTTP/2 metamasl.net/js/jquery-3.5.1.min.dc5e7f18c8.js
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type ASCII text, with very long lines (65451)
Size 200 kB (199489 bytes)
Hash 7f23eb6032075c828342290969b253d4
a3a6c1b4e96e3a75e26e59d3d9076e46c21bf9f7
cdd880a189493e1c34921e51db3afb5dbd7b3169815ed9fec0fc5d684d5394d7
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
vary: Accept-Encoding
etag: W/"61deaed4-15d84"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash de9cb2aafc87fd7af661bd5ee9d5d4f4
cc6063ed99dfc8c0413ef60a8fa6a795327cfde8
354414bb99bb81f4620b6ad2d4f32e8b87b9806093a684533aea64e5b856e01b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "354414BB99BB81F4620B6AD2D4F32E8B87B9806093A684533AEA64E5B856E01B"
Last-Modified: Sun, 05 Mar 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21539
Expires: Tue, 07 Mar 2023 02:15:46 GMT
Date: Mon, 06 Mar 2023 20:16:47 GMT
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da06d7182b785cc57aa424f8db409f03
6c15cba583fff47335341a9178f0ded6a81a1474
ccd093def6da5cd82f1d5ca1dc5911ba364a5db784a625be7a79803d39524f29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 18:47:52 GMT
Expires: Fri, 10 Mar 2023 18:47:51 GMT
Etag: "6c15cba583fff47335341a9178f0ded6a81a1474"
Cache-Control: max-age=339663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d474adf4eb51e-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da06d7182b785cc57aa424f8db409f03
6c15cba583fff47335341a9178f0ded6a81a1474
ccd093def6da5cd82f1d5ca1dc5911ba364a5db784a625be7a79803d39524f29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 18:47:52 GMT
Expires: Fri, 10 Mar 2023 18:47:51 GMT
Etag: "6c15cba583fff47335341a9178f0ded6a81a1474"
Cache-Control: max-age=339663,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d474ae97fb500-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da06d7182b785cc57aa424f8db409f03
6c15cba583fff47335341a9178f0ded6a81a1474
ccd093def6da5cd82f1d5ca1dc5911ba364a5db784a625be7a79803d39524f29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 18:47:52 GMT
Expires: Fri, 10 Mar 2023 18:47:51 GMT
Etag: "6c15cba583fff47335341a9178f0ded6a81a1474"
Cache-Control: max-age=339662,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d474b9c470b06-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da06d7182b785cc57aa424f8db409f03
6c15cba583fff47335341a9178f0ded6a81a1474
ccd093def6da5cd82f1d5ca1dc5911ba364a5db784a625be7a79803d39524f29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 18:47:52 GMT
Expires: Fri, 10 Mar 2023 18:47:51 GMT
Etag: "6c15cba583fff47335341a9178f0ded6a81a1474"
Cache-Control: max-age=339662,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d474b9ec5b4ee-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash da06d7182b785cc57aa424f8db409f03
6c15cba583fff47335341a9178f0ded6a81a1474
ccd093def6da5cd82f1d5ca1dc5911ba364a5db784a625be7a79803d39524f29
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 18:47:52 GMT
Expires: Fri, 10 Mar 2023 18:47:51 GMT
Etag: "6c15cba583fff47335341a9178f0ded6a81a1474"
Cache-Control: max-age=339662,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d474b9c1f1c0a-OSL
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 69a0e5758845909b2262f276cb2181da
530b471d5f35148f3bed8bc23738dda71f93e6ab
f6f922db9351dc25caadfaf48e3de533492244a1741f85928107e4650c9fb72e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 06 Mar 2023 20:16:50 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 03 Mar 2023 15:19:40 GMT
Expires: Fri, 10 Mar 2023 15:19:39 GMT
Etag: "530b471d5f35148f3bed8bc23738dda71f93e6ab"
Cache-Control: max-age=327168,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7a3d4758789fb51e-OSL
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/lpChatV3.min.js?version=10.24.1.0-release_5557
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/lpChatV3.min.js?version=10.24.1.0-release_5557
IP 178.249.97.98:0
GET /le_unified_window/10.24.1.0-release_5557/lpChatV3.min.js?version=10.24.1.0-release_5557 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
last-modified: Sat, 11 Feb 2023 02:05:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 05 Mar 2024 20:16:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/88982875?sid=cAW-XG_FRBCvdW3ms76gMw&cb=lpCb81379x92615&t=pl&ts=1678133809513&pid=3209978982&tid=1297869287&vid=FiMTk0NTliYzBhMmJhZGQ1
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/88982875?sid=cAW-XG_FRBCvdW3ms76gMw&cb=lpCb81379x92615&t=pl&ts=1678133809513&pid=3209978982&tid=1297869287&vid=FiMTk0NTliYzBhMmJhZGQ1
IP 208.89.12.87:0
GET /api/js/88982875?sid=cAW-XG_FRBCvdW3ms76gMw&cb=lpCb81379x92615&t=pl&ts=1678133809513&pid=3209978982&tid=1297869287&vid=FiMTk0NTliYzBhMmJhZGQ1 HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:50 GMT
content-type: application/javascript
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
metamasl.net/js/webflow.js
8.210.172.191200 OK 0 B URL HTTP/2 metamasl.net/js/webflow.js
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /js/webflow.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
vary: Accept-Encoding
etag: W/"61deaed4-92c10"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
178.249.97.23200 OK 0 B URL HTTP/2 lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP 178.249.97.23:0
GET /lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:47 GMT
content-type: application/x-javascript
set-cookie: ADRUM_BTa=R:21|g:4540f16c-3553-45aa-9c1e-ab1e99179b6a; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:17 GMT; Path=/
ADRUM_BTa=R:21|g:4540f16c-3553-45aa-9c1e-ab1e99179b6a|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:17 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:17 GMT; Path=/; Secure
ADRUM_BT1=R:21|i:1758181; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:17 GMT; Path=/
ADRUM_BT1=R:21|i:1758181|e:2; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:17 GMT; Path=/
ADRUM_BT1=R:21|i:1758181|e:2|d:2; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:17 GMT; Path=/
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=63072000; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB
IP 178.249.101.99:0
GET /api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:21|g:fa29d456-189e-4159-9267-1464e5f9273a; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
ADRUM_BTa=R:21|g:fa29d456-189e-4159-9267-1464e5f9273a|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/; Secure
ADRUM_BT1=R:21|i:2241585; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
ADRUM_BT1=R:21|i:2241585|e:10; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
vary: Accept
expires: Mon, 06 Mar 2023 20:17:48 GMT
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: lp-accdn-app.default.svc.amkube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
va.v.liveperson.net/api/js/88982875?&cb=lpCb6467x41016&t=sp&ts=1678133809500&pid=3209978982&tid=1297869287&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmetamasl.net%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
208.89.12.87200 OK 0 B URL HTTP/2 va.v.liveperson.net/api/js/88982875?&cb=lpCb6467x41016&t=sp&ts=1678133809500&pid=3209978982&tid=1297869287&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmetamasl.net%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP 208.89.12.87:0
GET /api/js/88982875?&cb=lpCb6467x41016&t=sp&ts=1678133809500&pid=3209978982&tid=1297869287&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmetamasl.net%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:50 GMT
content-type: application/javascript
set-cookie: LPVisitorID=FiMTk0NTliYzBhMmJhZGQ1; Expires=Tue, 05-Mar-2024 20:16:50 GMT; Path=/; HttpOnly
LPSessionID=cAW-XG_FRBCvdW3ms76gMw; Path=/api/js/88982875; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2
metamasl.net/forms/v2.js
8.210.172.191200 OK 0 B IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /forms/v2.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
vary: Accept-Encoding
etag: W/"61deaed4-8d542"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/UMSClientAPI.min.js?version=10.24.1.0-release_5557
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/UMSClientAPI.min.js?version=10.24.1.0-release_5557
IP 178.249.97.98:0
GET /le_unified_window/10.24.1.0-release_5557/UMSClientAPI.min.js?version=10.24.1.0-release_5557 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
last-modified: Sat, 11 Feb 2023 02:05:09 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 05 Mar 2024 20:16:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
metamasl.net/css/normalize.css
8.210.172.191200 OK 0 B URL HTTP/2 metamasl.net/css/normalize.css
IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Analyzer Verdict Alert openphish Crypto/Wallet
quad9 Sinkholed
GET /css/normalize.css HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: text/css
last-modified: Sun, 20 Nov 2022 11:00:45 GMT
vary: Accept-Encoding
etag: W/"637a08dd-1e5c"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fmetamasl.net&site=88982875&force=1&env=prod&isCrossDomain=true
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fmetamasl.net&site=88982875&force=1&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fmetamasl.net&site=88982875&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 05 Mar 2024 20:16:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb66543x85826
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb66543x85826
IP 178.249.101.99:0
GET /api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb66543x85826 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:cd7443c4-9735-4dce-ad73-fe930a0f588f; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
ADRUM_BTa=R:28|g:cd7443c4-9735-4dce-ad73-fe930a0f588f|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241585; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
ADRUM_BT1=R:28|i:2241585|e:12; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
cache-control: no-store
x-envoy-upstream-service-time: 97
x-envoy-decorator-operation: lp-accdn-app.default.svc.amkube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/desktopEmbedded.js?version=10.24.1.0-release_5557
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/desktopEmbedded.js?version=10.24.1.0-release_5557
IP 178.249.97.98:0
GET /le_unified_window/10.24.1.0-release_5557/desktopEmbedded.js?version=10.24.1.0-release_5557 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
last-modified: Sat, 11 Feb 2023 02:05:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 05 Mar 2024 20:16:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
js.hsforms.net/forms-next/shell-recaptcha
104.17.186.73200 OK 0 B URL HTTP/2 js.hsforms.net/forms-next/shell-recaptcha
IP 104.17.186.73:0
GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:47 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Thu, 02 Mar 2023 01:29:17 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: MkCbKprQUr_NtsnvjXyqpGOtevSQI6rx
x-cache: Hit from cloudfront
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: 8O_VbEYrOWRf4BepBRQvYn2BMO1sw8ArKE7lLPxWf5KTa3w8D6Ct0Q==
age: 470
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.586/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: MISS
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WOucZWzy%2BmKNN7vNH6IEcyq%2B0cOpmyAfwpF6t6pobV2PgFKjCODmAKQJGBxp24V6iYkpI8qjqoM3sHtA4Kmv7BXu2stAa8ixurWYeKhiJKC%2Fdvxt75Ngivar%2Fk0aJC3%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7a3d47468d2c0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
178.249.101.99200 OK 0 B URL HTTP/2 accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP 178.249.101.99:0
GET /api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:21|g:75452cd1-062a-4141-8dc1-b3e5191de13a; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
ADRUM_BTa=R:21|g:75452cd1-062a-4141-8dc1-b3e5191de13a|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/; Secure
ADRUM_BT1=R:21|i:2241585; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
ADRUM_BT1=R:21|i:2241585|e:12; Max-Age=30; Expires=Mon, 06-Mar-2023 20:17:18 GMT; Path=/
vary: Accept
expires: Mon, 06 Mar 2023 20:17:48 GMT
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: lp-accdn-app.default.svc.amkube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2
metamasl.net/logo.js
8.210.172.191200 OK 0 B IP 8.210.172.191:0
ASN #45102 Alibaba US Technology Co., Ltd.
Analyzer Verdict Alert openphish Crypto/Wallet
fortinet Phishing
quad9 Sinkholed
GET /logo.js HTTP/1.1
Host: metamasl.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 06 Mar 2023 20:16:44 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
vary: Accept-Encoding
etag: W/"61deaed4-b430"
expires: Tue, 07 Mar 2023 08:16:44 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/surveylogicinstance.min.js?version=10.24.1.0-release_5557
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_unified_window/10.24.1.0-release_5557/surveylogicinstance.min.js?version=10.24.1.0-release_5557
IP 178.249.97.98:0
GET /le_unified_window/10.24.1.0-release_5557/surveylogicinstance.min.js?version=10.24.1.0-release_5557 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: application/javascript
last-modified: Sat, 11 Feb 2023 02:05:10 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 05 Mar 2024 20:16:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmetamasl.net&site=88982875&env=prod&isCrossDomain=true
178.249.97.98200 OK 0 B URL HTTP/2 lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmetamasl.net&site=88982875&env=prod&isCrossDomain=true
IP 178.249.97.98:0
GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmetamasl.net&site=88982875&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamasl.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 06 Mar 2023 20:16:48 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 05 Mar 2024 20:16:48 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2