Report - meta-mask.co/

Report Overview

Submitted URL
meta-mask.co/
IP
154.82.100.71
ASN
#399077 TERAEXCH
Submitted
2022-12-04 01:56:24
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
80

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	1.2 kB	142.250.74.132
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	369 B	21 kB	142.250.74.110
lptag.liveperson.net	3393	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	827 B	9.9 kB	178.249.97.23
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	44.240.159.184
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	5.6 kB	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
accdn.lpsnmedia.net	3410	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	885 B	4.5 kB	178.249.97.99
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.9 kB	104.18.32.68
va.v.liveperson.net	3906	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	632 B	1.2 kB	208.89.12.87
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	3.4 kB	93.184.220.29
meta-mask.co	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	11 kB	1.2 MB	154.82.100.102
metamask.io	81413	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	65 kB	185.199.111.153
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	387 B	6.5 kB	142.250.74.74
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	986 B	18 kB	142.250.74.35
forms.hsforms.com	5160	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	436 B	168 kB	104.16.86.5
lpcdn.lpsnmedia.net	3501	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.8 kB	76 kB	178.249.101.98
js.hsforms.net	7264	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	454 B	1.3 kB	104.17.182.73
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet
2022-12-03	medium	meta-mask.co/	Crypto/Wallet

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-04	medium	meta-mask.co/	Phishing
2022-12-04	medium	meta-mask.co/fonts/EuclidCircularB-Regular-WebXL.woff2	Phishing
2022-12-04	medium	meta-mask.co/fonts/EuclidCircularB-Bold-WebXL.woff2	Phishing
2022-12-04	medium	meta-mask.co/widgets/media.html	Phishing
2022-12-04	medium	meta-mask.co/forms/v2.js	Phishing
2022-12-04	medium	meta-mask.co/js/webflow.js	Phishing
2022-12-04	medium	meta-mask.co/gtag/js.js	Phishing
2022-12-04	medium	meta-mask.co/logo.js	Phishing
2022-12-04	medium	meta-mask.co/images/wallet-illo.svg	Phishing
2022-12-04	medium	meta-mask.co/js/jquery-3.5.1.min.dc5e7f18c8.js	Phishing
2022-12-04	medium	meta-mask.co/images/mm-logo.svg	Phishing
2022-12-04	medium	meta-mask.co/images/social-35.svg	Phishing
2022-12-04	medium	meta-mask.co/images/Explore-illo.svg	Phishing
2022-12-04	medium	meta-mask.co/images/Browse-illo.svg	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (44)

	URL	Size	First Seen	Last Seen
	meta-mask.co/	164 B	2023-03-07	2024-04-06
Pretty URL meta-mask.co/ IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:09:39 Times Seen296 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

	meta-mask.co/	184 B	2023-03-07	2024-04-06
Pretty URL meta-mask.co/ IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:20 Last Seen2024-04-06 20:09:39 Times Seen261 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	12 kB	2023-03-08	2023-03-08
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.16.86.5 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash e781e51a05e2a7f4590bb50d476e1d62 17b287699afcf40fb73882089d6ac9e0372c1fa7 216dc89cbd0e822ba89172314dda83ad5ba5d3c15cf3b1d95bd5c603b8318eb6 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2suY286NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&badge=inline&cb=kq4tk9tx23c4	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2suY286NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&badge=inline&cb=kq4tk9tx23c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash 2ba607a19da1b8173e946fec43b6ea61 f84d468ca73d50dc98be78037873a2768e7a8873 8de2ca4bbabd6f969b1ee95f08132595b965ebfd9e7317d5ec340ef4c45261b1 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&badge=inline&cb=ybi96jbloswi	36 kB	2023-03-08	2023-03-08
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&badge=inline&cb=ybi96jbloswi IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash dd49b7689a4733b840e648e81b705f6f 0675b1945b03d99534266683cc8135bd670b091d 9906b49152c9dd17fb66042cf87806bd53ba43dd45245e66c38b373c4888009f Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&force=1&env=prod&isCrossDomain=true	38 kB	2023-03-08	2023-05-14
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.js?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&force=1&env=prod&isCrossDomain=true IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2023-05-14 04:54:44 Times Seen42 Hash b56f93ab24c5150fa2ac4d7bf2ba02a7 0f896104da3f556119616da6ad0484c28f4f9395 a2721298ae526f997c556afcd0a7f768abfd6ad9b0ce4ec449d5b27b86929f04 Loading...

	va.v.liveperson.net/api/js/88982875?&cb=lpCb64079x81107&t=sp&ts=1670118975646&pid=22245184&tid=1325942837&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmeta-mask.co%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D	239 B	2023-03-08	2023-03-08
Pretty URL va.v.liveperson.net/api/js/88982875?&cb=lpCb64079x81107&t=sp&ts=1670118975646&pid=22245184&tid=1325942837&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmeta-mask.co%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D IP 208.89.12.87 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash c346bb210dbfbe577b9988f6c2b5d220 0841636501bf68d0341a4ff793445938a08d6ade d1bd868707cb19aac68588bb6eecede650fd34b725d8a7bf6978363598b22be9 Loading...

	meta-mask.co/	73 B	2023-03-07	2024-04-06
Pretty URL meta-mask.co/ IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:43 Last Seen2024-04-06 20:09:38 Times Seen403 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	178 B	2023-03-07	2023-03-29
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=Km9gKuG06He-isPsP6saG8cn&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:40:32 Last Seen2023-03-29 21:02:25 Times Seen16 Hash e3a57358fa7c376c4a715194bbb5329e 8292b83ddd7156a40492a3e5703b574de08ac2fd f1aadfe46b348f3df808388d51a00d1a6aca5d4c8991725a6e28c03eaf67dbde Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB	6.4 kB	2023-03-08	2023-03-13
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:07:06 Last Seen2023-03-13 03:12:09 Times Seen1 Hash addae31447da8e100193c736b6c07ac5 ca8b85a06e93b42d5f0219973c05d9d7dd78c77f 6e26b9d809340ba7c6d9f3c6bae8ea7b8a60a70fb7fb9f6b2bed4acf620c995b Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 15:41:39 Times Seen37094802 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb42391x94707	113 B	2023-03-08	2023-03-08
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb42391x94707 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash f5531105003afc3413ba5961a70f29b3 5bafe4807f6a50f8791c08cba1d939e9d82db285 ef7949cacb6297769634f352cd632c200b464ac3773783819b39250dad72b473 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549	94 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 IP 178.249.101.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen448 Hash d32e789b3183ed4536dc36e4cabf74ec 6b90b3e6dc44c30dcfa273e7c48d31ec00aac82b 5941d1622373ff4da4a0ec6ae2c474a80f2e65763aca377b069690ed4cc26d02 Loading...

	va.v.liveperson.net/api/js/88982875?sid=crVUKouuRWyOaH6breUv_w&cb=lpCb27570x15721&t=pl&ts=1670118975659&pid=22245184&tid=1325942837&vid=FiMTg0NzgxMjgzZjIwNTZh	111 B	2023-03-08	2023-03-08
Pretty URL va.v.liveperson.net/api/js/88982875?sid=crVUKouuRWyOaH6breUv_w&cb=lpCb27570x15721&t=pl&ts=1670118975659&pid=22245184&tid=1325942837&vid=FiMTg0NzgxMjgzZjIwNTZh IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash 01a5983fdd97b84061ed52b9b1a84216 9099a4080ec35388191bade9138c32ed63028b96 a42476b252b02bf086cfbee35682b04eb5959518d38ce3ba4ed8ff90d2d1131f Loading...

	lptag.liveperson.net/tag/tag.js?site=88982875	22 kB	2023-03-07	2024-04-12
Pretty URL lptag.liveperson.net/tag/tag.js?site=88982875 IP 178.249.97.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen539 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js	409 kB	2023-03-08	2023-03-17
Pretty URL www.gstatic.com/recaptcha/releases/Km9gKuG06He-isPsP6saG8cn/recaptcha__en.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:03 Last Seen2023-03-17 23:14:58 Times Seen1 Hash b2507198388fcc94ca9e94ed4c5561c5 8853fc86f1c616bd20a73e3e24442036fd90fd2f 02c7565a86d6d3a80295b85161d78fc88d8c79a0e314c0c7777570237a365ed0 Loading...

	lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3	280 kB	2023-03-08	2023-03-08
Pretty URL lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 IP 178.249.97.23 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash 5e39865f8617ced24071e9e0e6f16267 0b239c07b890fedf391a2a781a72ce29eb9eae70 5056e290a2e778b4117352e01511cfb2c2806f363904e2110a3408917090bf29 Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	3.2 kB	2023-03-08	2023-03-11
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-11 09:14:48 Times Seen1 Hash 46953cc2380e172a4e687539f38cd50c 781ed9ec79b207cfde693fdff68f584b5ccb9267 08d45398583840192b3a188daa0229cf8fb950e136a957a4c53bba5395143501 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549	90 kB	2023-03-08	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 IP 178.249.101.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2024-04-24 07:45:12 Times Seen437 Hash 8f52a626981f930e71e87f22a5f0080d 4c1cdf091636a6d733fd9c7141d52fc07ecb9e1c 57554877947a356911e17034359412ea444c15f58884c0100062788dd3660bb8 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549	984 kB	2023-03-08	2023-07-23
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549 IP 178.249.101.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:32:07 Last Seen2023-07-23 21:43:58 Times Seen11 Hash 09fab59974228dd3746a95d0540621a6 c6481e3f91a22e047b5d134838c4daece1a2853b 6622b5e1a9d93d6b5a2f4eb7a0556f802fb002e5efde0d0f4e3781a94776e331 Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&env=prod&isCrossDomain=true	39 kB	2023-03-07	2024-03-12
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&env=prod&isCrossDomain=true IP 178.249.101.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-12 06:48:19 Times Seen234 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	meta-mask.co/	1.8 kB	2023-03-07	2024-04-02
Pretty URL meta-mask.co/ IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:55:49 Last Seen2024-04-02 06:38:23 Times Seen241 Hash 8b1fb904d189e68aaf32a2223915fdfd d1a510fab3db50f7482275581d2171914e1d6631 c1863d7b43731c0cb9a160099c3fa80215e0b0966f27061f78eb6af1da84f026 Loading...

	meta-mask.co/js/jquery-3.5.1.min.dc5e7f18c8.js	90 kB	2023-03-07	2024-04-26
Pretty URL meta-mask.co/js/jquery-3.5.1.min.dc5e7f18c8.js IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 15:37:45 Times Seen139388 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	meta-mask.co/logo.js	46 kB	2023-03-07	2024-04-06
Pretty URL meta-mask.co/logo.js IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:05:08 Times Seen176 Hash 62e0e533c3ce4dc08ebf2a640f22164c 9a930c6f184104a9f7403244a841d0fe208b27d9 6137618d3823a779dd702a546f64a767860341256ed661e1204b2dbdfc680ef4 Loading...

	meta-mask.co/	116 B	2023-03-07	2024-04-06
Pretty URL meta-mask.co/ IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:05:07 Times Seen234 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true	1.0 kB	2023-03-08	2023-03-11
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:04:56 Last Seen2023-03-11 21:45:23 Times Seen1 Hash 425c8101bcaad48f46512c14ccfe0ef5 0d44e9da2f1c8c4248dd6899d4de400d10bb2f6a 1a191c54889cb99d151cdc1c14d643fca768e5fd2d6bcb3153243b3e196c9fcc Loading...

	meta-mask.co/widgets/media.html	347 kB	2023-03-07	2023-03-29
Pretty URL meta-mask.co/widgets/media.html IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:19 Last Seen2023-03-29 23:10:29 Times Seen6 Hash a819b6f54850553a8ab5f76aa4b9b9c1 cb2d0ccc73f3ce954d6d28e09951f29627190b63 873b46e13901466e59998ffe8aa8775e7c6fa49a82c8c2e3af99fcb43a4c4dad Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-26 05:50:27 Times Seen1534 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	meta-mask.co/forms/v2.js	579 kB	2023-03-07	2024-02-22
Pretty URL meta-mask.co/forms/v2.js IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:18 Last Seen2024-02-22 01:00:40 Times Seen62 Hash 49987de4bcbe452bcfd1007cc2d781f9 dfc42e15103223d1c2f76a441fdbfc147d287e39 adfaf54621f479fda0fa70f3235cb7e8dc5c30a6b896e5e2c025ea0e8971d06d Loading...

	meta-mask.co/	181 B	2023-03-07	2024-04-26
Pretty URL meta-mask.co/ IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:43 Last Seen2024-04-26 08:15:15 Times Seen3769 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	meta-mask.co/gtag/js.js	93 kB	2023-03-07	2024-03-05
Pretty URL meta-mask.co/gtag/js.js IP 154.82.100.102 ASN #399077 TERAEXCH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59:49 Last Seen2024-03-05 18:51:29 Times Seen127 Hash 04a274cc3e470c2933ee3cce95a98e86 5fbe18748a0ffccb9cbbcf278443ce54dff86776 001d571f07421e4f3d037d9d7541d31c7230f8df77205fd5ab303b7d6fa864c9 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2suY286NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&badge=inline&cb=kq4tk9tx23c4	75 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRhLW1hc2suY286NDQz&hl=en&v=Km9gKuG06He-isPsP6saG8cn&size=invisible&badge=inline&cb=kq4tk9tx23c4 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-26 12:33:23 Times Seen10407 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	js.hsforms.net/forms-next/shell-recaptcha	520 B	2023-03-07	2023-04-01
Pretty URL js.hsforms.net/forms-next/shell-recaptcha IP 104.17.182.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:28 Last Seen2023-04-01 11:00:08 Times Seen13 Hash 4106b771bbb077c07602cba71e590464 498808a3fd44297852e7efec85b6e95b76041904 992ff2f170aad9acd7129fbdb885d595506fbc250b7d0214db68aed3f65e9f82 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549	40 kB	2023-03-08	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 IP 178.249.101.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:32:35 Last Seen2024-04-24 07:45:12 Times Seen485 Hash 0dfc7fa7d2051d776d5937b7a3a7c4dd e0548931c28581b7f1975bf8c2d8b03b94591b87 3e4f5d07904cf355da7bfbca5d4eee18a4c09fc9e6a79df958d0bb1225572983 Loading...

	lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549	7.9 kB	2023-03-07	2024-04-24
Pretty URL lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 IP 178.249.101.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-24 07:45:12 Times Seen365 Hash d53092c1d6e0a7a3d1bb802c67a6e1e9 2556ea4f15518fa36d0b92666e22ce28edec6745 0ca2d5d4dece21114294a8783944cdd00a4351935831b27f9a83b8eb543c6438 Loading...

	ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js	13 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js IP 142.250.74.74 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-26 12:56:53 Times Seen22441 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

		Size	First Seen	Last Seen
	#1 Eval - 18178288387cef897dd1eb87ee20b8d8	20 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash 18178288387cef897dd1eb87ee20b8d8 3c33774e5b8086279e98dea2f80f6d351be7c37e 42a315a39cdd87b65a08172b2f0b03820d2256177ddbcabf87bfc03d7ec9cefb Loading...

	#2 Eval - 7276feb916036bbb2c721699e8acbfec	21 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash 7276feb916036bbb2c721699e8acbfec a507f1adadcf566b01dde5b3a0644038e3704bb9 1002a9a720c0aa0a6e30933cfa11dddf3a5525c1c9e86c0a92cc3a49be5de12a Loading...

	#3 Eval - a1492169222e2f94ed12ca5eda8d9fbc	15 kB	2023-03-08	2023-03-08
Pretty Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-08 15:44:41 Times Seen1 Hash a1492169222e2f94ed12ca5eda8d9fbc f9ca868b00dd072aece2baa3c48b1cf9c1daaf17 c423e89677ce84f475662cc6b14676a42b3fde1d6b7aa53cfaff5f3928016660 Loading...

	#4 Eval - c2239b252cbc75a06b64813caea5b634	22 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen7 Hash c2239b252cbc75a06b64813caea5b634 864e590dcd20c840b49589a5f0d5a92af3226abf 355b9b382781cde432ccca7627a8fdecad5040be2910428d5fc5b4b57fed949b Loading...

	#5 Eval - dd094b41102e445694a12d22f18a0a42	22 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen7 Hash dd094b41102e445694a12d22f18a0a42 60b620c007b5f0a0b23d1fe2f5000f6b8ee33e38 662748d1507b16ab56d1bceff58b8302eb43f21ce0de70b24b21b8ef39aeff35 Loading...

	#6 Eval - a65a20c8c46070ae18c36051d1b1680f	18 kB	2023-03-08	2023-03-12
Pretty Observations First Seen2023-03-08 15:44:41 Last Seen2023-03-12 11:53:00 Times Seen1 Hash a65a20c8c46070ae18c36051d1b1680f ee4af74f4506be427b856daf6b9291bed6347b8a 48560d00bdebbe52b1414ddaa64a7e67c83663932e7e05eceb25bfe9055b8da5 Loading...

	#7 Eval - fba1b70efc8b76a94dba85c8cedda52c	16 kB	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen6 Hash fba1b70efc8b76a94dba85c8cedda52c 9be3e7cd439d0f20baa4f353e8c44a472195e796 d4be0587aacd19697ae508209e99aa30536e2b75393db507b1cd329131d8e19c Loading...

	#8 Eval - 46183603a054f61e78d236cd32155e01	64 B	2023-03-08	2023-11-27
Pretty Observations First Seen2023-03-08 15:11:02 Last Seen2023-11-27 18:41:34 Times Seen7 Hash 46183603a054f61e78d236cd32155e01 dd12f5d1b52edb18fcda3543fb3e986d462fc19a 9908576f4e1cce70106175d94488f9071022d3485f8a8ccf0655b399b318a7c4 Loading...

HTTP Transactions (81)

URL IP Response Size

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 251
Cache-Control: max-age=117551
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:12 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 10:35:23 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11942
Expires: Sun, 04 Dec 2022 05:15:14 GMT
Date: Sun, 04 Dec 2022 01:56:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 01:20:01 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2171
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4265
Expires: Sun, 04 Dec 2022 03:07:17 GMT
Date: Sun, 04 Dec 2022 01:56:12 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: y6E3I80qmHaA8S+I6FRocxnz7Xf+pdsBhu4o/aUDyZ8wn/qYZtWzt6DmRVpc6rdq8Tz8c4UGtgc=
x-amz-request-id: W2E89GBAPFDJW488
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 01:47:21 GMT
age: 531
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 01:56:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 01:11:19 GMT
cache-control: public,max-age=3600
age: 2694
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2821a8ab50167bceea2a1f300587595
0a5ce90c1aec75099d6c74720b7a024a6896f120
fe472524494e47899b942fc040b6eeb88389925f9e2c8c983374822029a1ca37

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE472524494E47899B942FC040B6EEB88389925F9E2C8C983374822029A1CA37"
Last-Modified: Sat, 03 Dec 2022 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 04 Dec 2022 07:56:13 GMT
Date: Sun, 04 Dec 2022 01:56:13 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 246
Cache-Control: max-age=112484
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:13 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 09:10:57 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

meta-mask.co/

154.82.100.102

200 OK

5.4 kB

URL HTTP/2
meta-mask.co/
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Size
5.4 kB (5392 bytes)
Hash
9f2a09a956ec0117254c4c3f45740092
4b760ca9863fd654f957cb6e0dda9516f2bb04a4
8d99af68dc0dc50bd6340bda046031585ed69e3deb4f65cb123089ec4f24406b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: text/html
content-length: 5392
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 10:53:20 GMT
etag: "0d08c9ca27d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io/images/mm-shop-hoodie-p-500.png

185.199.111.153

404 Not Found

16 kB

URL HTTP/2
metamask.io/images/mm-shop-hoodie-p-500.png
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Size
16 kB (15765 bytes)
Hash
6a1c42889ae9fd4b91f26ad67ffe0423
7ddfebcf552657683f2bc0bf0643d1c807e6f58f
2856c2ddfce3cc26a3c79f6dddd8c149e4d4cf4e2e7f1605d74071f74c6c07d4

HTTP Headers

GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"63887c74-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 79C0:9054:1258FAB:12F09D4:638BF9D5
accept-ranges: bytes
date: Sun, 04 Dec 2022 01:56:13 GMT
via: 1.1 varnish
age: 1128
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670118974.785516,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 39742d380fcb3eb6ea74af827e2feb3eb99290b2
content-length: 15765
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

142.250.74.74

200 OK

5.4 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
IP
142.250.74.74:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5437 bytes)
Hash
30ca3165d143baf2835023bfcf463450
62c662c0873b79a314c040fef28dcd29abb14480
4f405d00e8ced09d5826e3e070b7e4d3f3556f856ca790b0b4a2c2eaaf58d33b

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 5437
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 04:38:14 GMT
expires: Thu, 30 Nov 2023 04:38:14 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 335879
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
98fe7e5fd6b778bcdcc63028c3a49fbd
06b34160c344526fbe14ce41445b9fe76c0a878d
d45d898dfe5bf1151557bbbc3be6e6878fbadce386136d60777b4464199173a6

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

44.240.159.184

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.240.159.184:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1nNSJsMovrP+IpkSCgAPug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: sYbjTJdUJ0ZdPKCoHDfE5L8g5UA=

meta-mask.co/images/dapp-aave.png

154.82.100.102

200 OK

14 kB

URL HTTP/2
meta-mask.co/images/dapp-aave.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14347 bytes)
Hash
521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-aave.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 14347
last-modified: Wed, 12 Jan 2022 10:26:28 GMT
etag: "022b9db9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

142.250.74.35

200 OK

7.9 kB

URL HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meta-mask.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 01:59:40 GMT
expires: Sat, 02 Dec 2023 01:59:40 GMT
cache-control: public, max-age=31536000
age: 172594
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
baaba92c2ccd740f080a25a9ea5cb3ad
3322d5a9fb0b3a2ec83247eac9865234cbcefece
5150dcbc7293378fff4a337fd0f61bdbbf6b4f64bddba6d0fd270be37e81fe07

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

142.250.74.35

200 OK

8.4 kB

URL HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://meta-mask.co
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 02 Dec 2022 05:14:18 GMT
expires: Sat, 02 Dec 2023 05:14:18 GMT
cache-control: public, max-age=31536000
age: 160916
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-compound.png

154.82.100.102

200 OK

11 kB

URL HTTP/2
meta-mask.co/images/dapp-compound.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11355 bytes)
Hash
3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-compound.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 11355
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "04feadc9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-gitcoin.png

154.82.100.102

200 OK

8.0 kB

URL HTTP/2
meta-mask.co/images/dapp-gitcoin.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7998 bytes)
Hash
c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-gitcoin.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 7998
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "04feadc9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-maker.png

154.82.100.102

200 OK

6.9 kB

URL HTTP/2
meta-mask.co/images/dapp-maker.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6852 bytes)
Hash
720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-maker.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 6852
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "04feadc9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-opensea.png

154.82.100.102

200 OK

6.5 kB

URL HTTP/2
meta-mask.co/images/dapp-opensea.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6533 bytes)
Hash
f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-opensea.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 6533
last-modified: Wed, 12 Jan 2022 10:26:32 GMT
etag: "07c1bde9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-rarible.png

154.82.100.102

200 OK

6.8 kB

URL HTTP/2
meta-mask.co/images/dapp-rarible.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6840 bytes)
Hash
b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-rarible.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 6840
last-modified: Wed, 12 Jan 2022 10:26:32 GMT
etag: "07c1bde9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-uniswap.png

154.82.100.102

200 OK

10 kB

URL HTTP/2
meta-mask.co/images/dapp-uniswap.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10268 bytes)
Hash
1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-uniswap.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 10268
last-modified: Wed, 12 Jan 2022 10:26:32 GMT
etag: "07c1bde9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/images/dapp-axieinfinity.png

154.82.100.102

200 OK

43 kB

URL HTTP/2
meta-mask.co/images/dapp-axieinfinity.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42713 bytes)
Hash
5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/dapp-axieinfinity.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 42713
last-modified: Wed, 12 Jan 2022 10:26:30 GMT
etag: "04feadc9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

metamask.io/images/mm-shop-hoodie-p-500.png

185.199.111.153

404 Not Found

16 kB

URL HTTP/2
metamask.io/images/mm-shop-hoodie-p-500.png
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Size
16 kB (15765 bytes)
Hash
6a1c42889ae9fd4b91f26ad67ffe0423
7ddfebcf552657683f2bc0bf0643d1c807e6f58f
2856c2ddfce3cc26a3c79f6dddd8c149e4d4cf4e2e7f1605d74071f74c6c07d4

HTTP Headers

GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"63887c74-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 79C0:9054:1258FAB:12F09D4:638BF9D5
accept-ranges: bytes
date: Sun, 04 Dec 2022 01:56:14 GMT
via: 1.1 varnish
age: 1129
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 2
x-timer: S1670118975.694460,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: da46050082ca41a2d6f81f4fc0c14dcc7719c03d
content-length: 15765
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Sun, 04 Dec 2022 03:21:44 GMT
Date: Sun, 04 Dec 2022 01:56:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Sun, 04 Dec 2022 03:21:44 GMT
Date: Sun, 04 Dec 2022 01:56:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5130
Expires: Sun, 04 Dec 2022 03:21:44 GMT
Date: Sun, 04 Dec 2022 01:56:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11170 bytes)
Hash
b5047e1b428980b054be8c899ec7bd2a
a55e532bd0251ffc78c052a3f8b649e13feafdb7
c7f42eed10d19a983df419556f821a391ca2ece33a72cdef7a367cd7eab0b96a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50aece01-03ae-4256-8ffa-fceb43e3dd62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11170
x-amzn-requestid: 4925defd-cb3f-4818-a609-c4f2badaf0d4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltlsGUVoAMFi9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f1-46cb22af25d527d016096316;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KMhlrg9pjepNii5clmKidbqEqTuUI1gYg8UOC7tVZ-7ZB06481p5ug==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:08:25 GMT
age: 13669
etag: "a55e532bd0251ffc78c052a3f8b649e13feafdb7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8285 bytes)
Hash
2c37ed587ee5e3fbdc8cab86ef1345f9
364a32a224b2cacc26b138d57a8945c191e537b1
3c66654da4670e0d5ec87afb6c62f0a420d90875c57b280710f2592269a9303e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F757562c1-a4bf-4a51-bf99-64f3a0d51840.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8285
x-amzn-requestid: 882c673f-4e3f-4f84-a51d-bbac56f716eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAEWUoAMFWuA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-3a2c571d6272b3493ec2a1c5;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DX2amuyEjkaWng9x7x8TknBMeXzYPSW7pimxhVkcwOPPPbKrX0beQQ==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:24 GMT
etag: "364a32a224b2cacc26b138d57a8945c191e537b1"
content-type: image/jpeg
age: 14750
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.7 kB (5681 bytes)
Hash
43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 14792
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8286 bytes)
Hash
b7717ff9fcf6cf3268d10312dc3fdaaf
c4f05fdb231c7870b2a918198fa0809d8e8f9c89
bf3b6304a45f172653f45e1e8b4afa7da90096ca36c82b981ca6ec01ccf122a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8286
x-amzn-requestid: 6880d30e-3624-402e-819d-610e35ae27d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAG1HIAMF6Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-43f8e7d312f96110713a7092;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XcnZ2pTQoGkuHEPsazEI09yhI6WWbmZD6g7QYW7rDf5HsegvjdgkXg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:00 GMT
age: 15135
etag: "c4f05fdb231c7870b2a918198fa0809d8e8f9c89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 65552
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11482 bytes)
Hash
1521243a6fc065bb631bfbde22886fa2
527220e4e8cd1065ce05fcd0694d0d703d817e2e
b83ebf768bbfb34f49d5467f3dfb43ceb3ca3d30d3454e6f37db9aef72d7689a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f00caab-057c-4cc2-a163-fd0bb4d0b5f7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11482
x-amzn-requestid: d1db05ab-bd5d-4ad4-96b4-8f439152e435
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clssNEeAoAMFh_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc181-0221c53842a2f5ef071e8071;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UZ5kblxfN8fkp55YeSpUA55GzDxZgsLpFZrYTsdJBihf53HLCN0hTA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:17:35 GMT
age: 13120
etag: "527220e4e8cd1065ce05fcd0694d0d703d817e2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

280 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
280 B (280 bytes)
Hash
9a868a7f3142bc165681319d4b42f425
4c2214c0f0d7f2934204c5508a1fed9b7e44f555
512c5d2ae2ef54879fe6108987955804740301f0a1d5d3312c786acad065c437

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2104
Cache-Control: max-age=91309
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Etag: "638ab7b4-118"
Expires: Mon, 05 Dec 2022 03:18:04 GMT
Last-Modified: Sat, 03 Dec 2022 02:43:00 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 280

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
7c9e0bb25e8c28e8b10038806b0a7190
9fa6097aeb8eacde8ba7c9ab80a7a7d2405ae2bc
f4864000960be2f888ed7d2467f74130231fed6f56ad48ff15861f5769e95a58

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.132

200 OK

612 B

URL HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.132:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1008), with no line terminators
Size
612 B (612 bytes)
Hash
6a7eaebdfd473f2279c054e75990d463
623823a2f96f0127f0db20913358795cba3ce9b1
6ae8b1103a382f42a7f3bdeebadc53600bd8ccf5d6a0783aae58d06e62e4d893

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
expires: Sun, 04 Dec 2022 01:56:15 GMT
date: Sun, 04 Dec 2022 01:56:15 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 612
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

meta-mask.co/images/hero2.2.png

154.82.100.102

200 OK

590 kB

URL HTTP/2
meta-mask.co/images/hero2.2.png
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/hero2.2.png HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: image/png
content-length: 589568
last-modified: Wed, 12 Jan 2022 10:31:00 GMT
etag: "0ad97d9f7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/fonts/EuclidCircularB-Regular-WebXL.woff2

154.82.100.102

200 OK

46 kB

URL HTTP/2
meta-mask.co/fonts/EuclidCircularB-Regular-WebXL.woff2
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
gzip compressed data, max compression\012- data
Size
46 kB (45498 bytes)
Hash
08d88f985f10a53d79e1fcb40ad61e0a
71528eb67ee94ef4c57df4e1228b54d2ed436a61
957571575c77b43ca5a22f30da164044eac0803694730fc76895d69d242669b4

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://meta-mask.co/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: application/font-woff2
content-length: 45196
last-modified: Wed, 12 Jan 2022 10:31:14 GMT
etag: "04531869f7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1f3a4f3edea56419c58836a0c80d5cea
1558a7ad0acc0c09cdf39ec92030f7ee5736e595
70aeda0cb136ac1add86931a338558b9f302576cd65537575d232fda623fe2f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

meta-mask.co/fonts/EuclidCircularB-Bold-WebXL.woff2

154.82.100.102

200 OK

44 kB

URL HTTP/2
meta-mask.co/fonts/EuclidCircularB-Bold-WebXL.woff2
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://meta-mask.co/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: application/font-woff2
content-length: 44544
last-modified: Wed, 12 Jan 2022 10:31:16 GMT
etag: "07262879f7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

meta-mask.co/widgets/media.html

154.82.100.102

200 OK

101 kB

URL HTTP/2
meta-mask.co/widgets/media.html
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (56550), with CRLF, LF line terminators
Size
101 kB (100935 bytes)
Hash
e5442f5cb623d246c1a44c7805ec1f29
b97676a670186b071b469051f9270c911ff5367a
93c23a73536242e91fc7046a4669390eebe08da338e7e341dcc496b997b356f9

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /widgets/media.html HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: text/html
content-length: 100935
content-encoding: gzip
last-modified: Wed, 12 Jan 2022 10:35:02 GMT
etag: "04f17ea07d81:0"
vary: Accept-Encoding
x-powered-by: ASP.NET
x-cache: DYNAMIC
strict-transport-security: max-age=31536000; includeSubdomains; preload
accept-ranges: bytes
X-Firefox-Spdy: h2

metamask.io/images/favicon.png

185.199.111.153

404 Not Found

16 kB

URL HTTP/2
metamask.io/images/favicon.png
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Size
16 kB (15765 bytes)
Hash
6a1c42889ae9fd4b91f26ad67ffe0423
7ddfebcf552657683f2bc0bf0643d1c807e6f58f
2856c2ddfce3cc26a3c79f6dddd8c149e4d4cf4e2e7f1605d74071f74c6c07d4

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"63887c74-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9C34:D2D3:C9AFC8:D01DB0:638BF9DA
accept-ranges: bytes
date: Sun, 04 Dec 2022 01:56:15 GMT
via: 1.1 varnish
age: 1125
x-served-by: cache-bma1666-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1670118975.416471,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 3266c72a680e5c72be0d496c3df620525c56ecaf
content-length: 15765
X-Firefox-Spdy: h2

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.16.86.5

200 OK

167 kB

URL HTTP/2
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.16.86.5:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (12513), with no line terminators
Size
167 kB (166796 bytes)
Hash
320b1279c8734a76657d5478c57d8d0f
b5354332afb04e6a72eda33e805a0d4d8d7b1a73
e67bbaf745d674c45d69c86a722b64341541d7a701394129e65f901c6c798d19

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:15 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B974E306FB96ED23B3ED1B83F4D458846FB23A23E000000000000000000
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: 29a469d7-d660-4a06-8480-bd4b51e30ecd
content-disposition: attachment; filename=no-rfd.txt
x-content-type-options: nosniff
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7740ecaa5af3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 00:41:08 GMT
expires: Sun, 04 Dec 2022 02:41:08 GMT
cache-control: public, max-age=7200
age: 4507
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e63a3fb1ef1a4ebbbd126969d6ee68ca
8bc9c26950b3899087e25ddea159c28f57b47200
f2ec30377e239f64286ae7dde8032e4e332b6c123f7decc07126fbbcff460a69

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.io/images/webclip.png

185.199.111.153

404 Not Found

16 kB

URL HTTP/2
metamask.io/images/webclip.png
IP
185.199.111.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Size
16 kB (15765 bytes)
Hash
6a1c42889ae9fd4b91f26ad67ffe0423
7ddfebcf552657683f2bc0bf0643d1c807e6f58f
2856c2ddfce3cc26a3c79f6dddd8c149e4d4cf4e2e7f1605d74071f74c6c07d4

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"63887c74-114dd"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: BB48:1CB9:2AB2697:2C0364F:638BFE3F
accept-ranges: bytes
date: Sun, 04 Dec 2022 01:56:15 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1666-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1670118975.416359,VS0,VE116
vary: Accept-Encoding
x-fastly-request-id: 0d6e1eaaaeed63c2aa4c1982bf8cf0b7a099fef0
content-length: 15765
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
9f2378d6e2b4b5346f097d96548e9813
7852b0cc2dd933548cc640e04e9e4acd53c72850
b62b2705dab87a78159a77c0c70f1d894cce1d1435a94c2336f86fedb8d5a161

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 01:56:15 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 03 Dec 2022 15:43:23 GMT
Expires: Sat, 10 Dec 2022 15:43:22 GMT
Etag: "7852b0cc2dd933548cc640e04e9e4acd53c72850"
Cache-Control: max-age=567426,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7740ecad0ceab506-OSL

lptag.liveperson.net/tag/tag.js?site=88982875

178.249.97.23

200 OK

7.6 kB

URL HTTP/2
lptag.liveperson.net/tag/tag.js?site=88982875
IP
178.249.97.23:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.6 kB (7567 bytes)
Hash
6b675640425ec8551a433e26a377d954
7234f02cce1ccb2a4facf2b34b9185cfcf27299d
8c9716f14d2e964be7c93d3d8c28819cb35c529fce6206a79061cda509e05bfd

HTTP Headers

GET /tag/tag.js?site=88982875 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:15 GMT
content-type: application/javascript
content-length: 7567
last-modified: Thu, 03 Sep 2020 08:27:49 GMT
etag: "5f50a905-1d8f"
content-encoding: gzip
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
cache-control: public, max-age=630
x-content-type-options: nosniff
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d7c3751d41b45c30dddc446f8ba31e0f
d5e129cfa6d73bce208bc342f2b4a8a12983734c
0739565c1612bda8ebe25d81c2b2d6fa63e21c57f90b8b456b049e92d907f1df

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6001
Cache-Control: max-age=121849
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Etag: "638b1fc7-117"
Expires: Mon, 05 Dec 2022 11:47:04 GMT
Last-Modified: Sat, 03 Dec 2022 10:07:03 GMT
Server: ECS (amb/6B91)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
d7c3751d41b45c30dddc446f8ba31e0f
d5e129cfa6d73bce208bc342f2b4a8a12983734c
0739565c1612bda8ebe25d81c2b2d6fa63e21c57f90b8b456b049e92d907f1df

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6001
Cache-Control: max-age=121849
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 01:56:15 GMT
Etag: "638b1fc7-117"
Expires: Mon, 05 Dec 2022 11:47:04 GMT
Last-Modified: Sat, 03 Dec 2022 10:07:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279

meta-mask.co/forms/v2.js

154.82.100.102

200 OK

136 kB

URL HTTP/2
meta-mask.co/forms/v2.js
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
136 kB (135499 bytes)
Hash
74c6bfdfdec7f7f562895e8ad23e2207
5d4a47efba6e81fbfaa59cfde7b8bdecdc6bccf6
c1a5da21e526e715065e66630938bebf65b359855781f98bb9190935f5d37405

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /forms/v2.js HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1126f1e04d4a66a5983300682b479f5c
c1378e33218d36d2fbc895fabc38070ba488384f
ee6041e4cb354ae424882552141f52399d1e90524353240bc940c12201ba10ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 01:56:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 16:31:55 GMT
Expires: Fri, 09 Dec 2022 16:31:54 GMT
Etag: "c1378e33218d36d2fbc895fabc38070ba488384f"
Cache-Control: max-age=483937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7740ecb11d74b511-OSL

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
1126f1e04d4a66a5983300682b479f5c
c1378e33218d36d2fbc895fabc38070ba488384f
ee6041e4cb354ae424882552141f52399d1e90524353240bc940c12201ba10ee

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 01:56:16 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 02 Dec 2022 16:31:55 GMT
Expires: Fri, 09 Dec 2022 16:31:54 GMT
Etag: "c1378e33218d36d2fbc895fabc38070ba488384f"
Cache-Control: max-age=483937,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7740ecb0f823b506-OSL

meta-mask.co/js/webflow.js

154.82.100.102

200 OK

160 kB

URL HTTP/2
meta-mask.co/js/webflow.js
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type
Unicode text, UTF-8 text, with very long lines (50020)
Size
160 kB (160548 bytes)
Hash
3b088f1f3220f2aee4a7a6a809478671
b56797f4e2c122d49bfd9a7d38f1dbea3a07938f
1318526a9e531547b98d2bdae2396e4dc587f21b39b3670828ba61b1a396997e

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /js/webflow.js HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549

178.249.101.98

200 OK

68 kB

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549
IP
178.249.101.98:0
ASN
#11054 LIVEPERSON

File type
ASCII text, with very long lines (32003)
Size
68 kB (68475 bytes)
Hash
7b941b21db409f42ec51ed330517ec6c
e4d861cee7824bbdf8c18336e0ff688dc9c79657
4513a9063624a9d11f35ac77610981e6ee6936366b733b7d0cfcacf21a0dee6c

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/UMSClientAPI.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:24 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 04 Dec 2023 01:56:16 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.97.99

200 OK

1.1 kB

URL HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.97.99:0
ASN
#11054 LIVEPERSON

File type
data
Size
1.1 kB (1062 bytes)
Hash
0e11e1f3768a01991229795cec5beb1f
11d959dcdf908fd8830efc2b31b860addf8d8591
76bfa069a26ce6ca7183da195447a07806ad6df8156e00b443226823693a103e

HTTP Headers

GET /api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:21|g:fb699d0e-3525-452f-82d9-5eafa7090bd6; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
ADRUM_BTa=R:21|g:fb699d0e-3525-452f-82d9-5eafa7090bd6|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/; Secure
ADRUM_BT1=R:21|i:2241648; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
ADRUM_BT1=R:21|i:2241648|e:5; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
vary: Accept
expires: Sun, 04 Dec 2022 01:57:16 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

meta-mask.co/gtag/js.js

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/gtag/js.js
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /gtag/js.js HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3

178.249.97.23

200 OK

0 B

URL HTTP/2
lptag.liveperson.net/lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3
IP
178.249.97.23:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /lptag/api/account/88982875/configuration/applications/taglets/.jsonp?v=2.0&df=0&b=3 HTTP/1.1
Host: lptag.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:15 GMT
content-type: application/x-javascript
cache-control: public, max-age=630
server: ws
strict-transport-security: max-age=300; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

meta-mask.co/logo.js

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/logo.js
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /logo.js HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&env=prod&isCrossDomain=true

178.249.101.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&env=prod&isCrossDomain=true
IP
178.249.101.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_secure_storage/3.19.0.0-release_5079/storage.secure.min.html?loc=https%3A%2F%2Fmeta-mask.co&site=88982875&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: text/html
last-modified: Thu, 03 Nov 2022 22:00:32 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 04 Dec 2023 01:56:16 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

meta-mask.co/css/normalize.css

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/css/normalize.css
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

meta-mask.co/css/webflow.css

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/css/webflow.css
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /css/webflow.css HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

meta-mask.co/images/wallet-illo.svg

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/images/wallet-illo.svg
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /images/wallet-illo.svg HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Jan 2022 10:26:26 GMT
etag: W/"0f587da9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

va.v.liveperson.net/api/js/88982875?&cb=lpCb64079x81107&t=sp&ts=1670118975646&pid=22245184&tid=1325942837&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmeta-mask.co%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D

208.89.12.87

200 OK

0 B

URL HTTP/2
va.v.liveperson.net/api/js/88982875?&cb=lpCb64079x81107&t=sp&ts=1670118975646&pid=22245184&tid=1325942837&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmeta-mask.co%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D
IP
208.89.12.87:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/js/88982875?&cb=lpCb64079x81107&t=sp&ts=1670118975646&pid=22245184&tid=1325942837&pt=MetaMask%20-%20A%20crypto%20wallet%20%26%20gateway%20to%20blockchain%20apps&u=https%3A%2F%2Fmeta-mask.co%2F&df=0&os=0&identities=%5B%7B%22iss%22%3A%22LivePerson%22%2C%22acr%22%3A%220%22%7D%5D HTTP/1.1
Host: va.v.liveperson.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:18 GMT
content-type: application/javascript
set-cookie: LPVisitorID=FiMTg0NzgxMjgzZjIwNTZh; Expires=Mon, 04-Dec-2023 01:56:18 GMT; Path=/; HttpOnly
LPSessionID=crVUKouuRWyOaH6breUv_w; Path=/api/js/88982875; HttpOnly
cache-control: no-store
server: ws
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
content-encoding: gzip
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB

178.249.97.99

200 OK

0 B

URL HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB
IP
178.249.97.99:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/account/88982875/configuration/setting/accountproperties/?cb=accountSettingsCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:21|g:8d1ab731-d914-4257-be45-755b21e2421f; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
ADRUM_BTa=R:21|g:8d1ab731-d914-4257-be45-755b21e2421f|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/; Secure
ADRUM_BT1=R:21|i:2241648; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
ADRUM_BT1=R:21|i:2241648|e:5; Max-Age=30; Expires=Sun, 04-Dec-2022 01:56:46 GMT; Path=/
vary: Accept
expires: Sun, 04 Dec 2022 01:57:16 GMT
x-envoy-upstream-service-time: 1
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549

178.249.101.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549
IP
178.249.101.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/desktopEmbedded.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 04 Dec 2023 01:56:16 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

meta-mask.co/js/jquery-3.5.1.min.dc5e7f18c8.js

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/js/jquery-3.5.1.min.dc5e7f18c8.js
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:14 GMT
content-type: application/javascript
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549

178.249.101.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549
IP
178.249.101.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/ui-framework.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 04 Dec 2023 01:56:16 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

meta-mask.co/css/metamask-staging-2.webflow.css

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/css/metamask-staging-2.webflow.css
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /css/metamask-staging-2.webflow.css HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: text/css
last-modified: Wed, 12 Jan 2022 10:35:00 GMT
etag: W/"022e6ca07d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

meta-mask.co/images/mm-logo.svg

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/images/mm-logo.svg
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /images/mm-logo.svg HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Jan 2022 10:26:26 GMT
etag: W/"0f587da9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

meta-mask.co/images/social-35.svg

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/images/social-35.svg
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /images/social-35.svg HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Jan 2022 10:26:26 GMT
etag: W/"0f587da9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

meta-mask.co/images/Explore-illo.svg

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/images/Explore-illo.svg
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /images/Explore-illo.svg HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Jan 2022 10:26:28 GMT
etag: W/"022b9db9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

meta-mask.co/images/Browse-illo.svg

154.82.100.102

200 OK

0 B

URL HTTP/2
meta-mask.co/images/Browse-illo.svg
IP
154.82.100.102:0
ASN
#399077 TERAEXCH

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /images/Browse-illo.svg HTTP/1.1
Host: meta-mask.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: NgxFence
date: Sun, 04 Dec 2022 01:56:13 GMT
content-type: image/svg+xml
last-modified: Wed, 12 Jan 2022 10:26:28 GMT
etag: W/"022b9db9e7d81:0"
x-powered-by: ASP.NET
x-cache: HIT
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
X-Firefox-Spdy: h2

js.hsforms.net/forms-next/shell-recaptcha

104.17.182.73

200 OK

0 B

URL HTTP/2
js.hsforms.net/forms-next/shell-recaptcha
IP
104.17.182.73:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:15 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 22 Nov 2022 10:30:00 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: RjNuQ6YZ.q9soc4tFdhPxVbp443jIlvP
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b77313059f3d50280ced20238b151620.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: 91_nW9nuo_NPtCmTMsSVGu6IKNc-xnkIUtcSqymc8Ejec9Clf5GV6A==
age: 2783
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.549/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaaqC22pmGXxVe0lhXZAFqbG7FWS0IcVIA4WCNEv0AEaawBUkkRGWUWsYeZ38Roit3uwHYl2rR0hFQLnp%2FzOnUXMoHkBHnQRWc77f%2FL7R0XQweGJx5UrSK7VoRRlU%2Fsk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7740ecae6dc00b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549

178.249.101.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549
IP
178.249.101.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/lpChatV3.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 04 Dec 2023 01:56:16 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549

178.249.101.98

200 OK

0 B

URL HTTP/2
lpcdn.lpsnmedia.net/le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549
IP
178.249.101.98:0
ASN
#11054 LIVEPERSON

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /le_unified_window/10.23.0.0-release_5549/surveylogicinstance.min.js?version=10.23.0.0-release_5549 HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://meta-mask.co/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sun, 04 Dec 2022 01:56:16 GMT
content-type: application/javascript
last-modified: Thu, 03 Nov 2022 22:03:25 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Mon, 04 Dec 2023 01:56:16 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (44)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations