{"report_id":"9e8a49a7-3264-4b80-b21a-d936405fcc12","version":6,"status":"done","tags":[],"date":"2026-05-08T08:07:36Z","url":{"schema":"http","addr":"metemask.com.co","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":0,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"final":{"url":{"schema":"https","addr":"metemask.com.co/","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"title":"MetaMask Wallet - Download Secure Crypto Wallet for Ethereum \u0026 Web3 DApps","dom":{"size":83971,"mime_type":"text/html; charset=utf-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10158)","md5":"fa8321d7c4b823b0a62c7d3d2104ee54","sha1":"6e2dfe5d8723bf0ce3da9873759e0e9d394f6b15","sha256":"a0e127537e96ee8da0a5a6292a1c1548484c52d65130f29b23473e3e234bdeff","sha512":"f5429eaedb6aec13dff6141f105c8e0c0557950aca44669f6cdab3aa935fe930288b5e6627b45ce6e88958c8723b9717383f0ebfeb1e49fac964a93f0b1968c5","ssdeep":"1536:49YypjAuRJQ/QyxsBypbQLKbx4XVPiSseGzkf:495+uUJxjQseGzkf","tlshash":"8383d77343dc49f13a2ea389c1447a08949aef37d59686c8f2fe4098dbc9da6447371e","dom_hash":"domhashd17b9fb077c1160a061563adf211e1cf","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"metemask.com.co","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":0,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-12T08:07:36Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":0,"analyzer":3}},"detection":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null},"summary":[{"fqdn":"metemask.com.co","ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"domain_registered":"unknown","domain_rank":0,"first_seen":"2026-05-04T06:26:13.052836Z","last_seen":"2026-05-04T06:26:13.052836Z","alert_count":90,"request_count":30,"received_data":6233246,"sent_data":15010,"comment":"","tags":null,"fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.2","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Yoast SEO Premium:27.2","description":"Yoast SEO Premium is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}]}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":null},"javascript":{"script":[{"url":{"schema":"https","addr":"metemask.com.co/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2411.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"579971209b4a0594503eb32f73dc55cd","sha1":"538f77a685391e4b75fe534eca2a2c8793c7d4b4","sha256":"c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639","sha512":"926afec2644e8cf1437b551561b7fb19a03776dce89d20c29f32674a02844fb461d350145341b45a86122d6589485a48689028a3b9f734be9bc864d5e83259fc","ssdeep":"96:11KOglvWRd5tBYGLA/cpk5PF/RlDzxBtuhWIZAAO2Sbl34nXpCVd7:HKVlvW75taGLtKFDVBIhWyAAOTB344VZ","tlshash":"95d1c85b70aa902411ff5227d12b0905f27c69779645244ae18ceeb41db8f6820bfffd","size":6159,"data":"","first_seen":"2023-03-13T21:07:02Z","last_seen":"2026-05-13T16:04:50.002193Z","times_seen":5574,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","size":13577,"data":"","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-05-13T19:27:09.560136Z","times_seen":759046,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":true,"md5":"f1a8a71dc3b92a8ba4e3f7646da1cf54","sha1":"6db19a429eb5eed3a882c3366f1e53acde6e7788","sha256":"ecf014d6e3b37775310b63e2b3716050bb3b80d030c2c4bfbf65d61f62e9a11c","sha512":"a4167d66e1f9515576c5da3dfd6279f1b4eaeea671d11920edfd5a75ae9a33a481cb44b7570fbbf278a573fe7f98d40271a548b6fe8505dd596d69a329903886","ssdeep":"","tlshash":"0cf0d81903fc1022f867320a4ebda105e6399107ec40fcf4b94d02903b0922f31f6700","size":511,"data":"","first_seen":"2025-12-01T09:01:21.053092Z","last_seen":"2026-05-08T08:08:33.735234Z","times_seen":65,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/wp-emoji-loader.min.js","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"dd5ac2ed72e3db217922ec8e649d25db","sha1":"f1cf7fe4e96b31c540d4a95b266a5e07e04daf3a","sha256":"7cc11885f2a5ca82b968f7945a040b5e87e41de2fe00f582824ce9082e9decae","sha512":"85c45315f38a7398bdc6d2e9b862bde2fb4976d7ccb8d003b2f4274b4a9e74a4943bf2647184447ff245bbed77277573cf06b8ebbd35ba5b8fb31864983d1b88","ssdeep":"","tlshash":"c171969ae77a3cdbb2f900f2697a0d47eb614435d6c8d438c9bda3141cb5893c274b4a","size":3626,"data":"","first_seen":"2026-05-04T06:26:17.888836Z","last_seen":"2026-05-08T08:08:33.736052Z","times_seen":3,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/js/main.js?ver=1.0.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"ad7a788668a12b0ebff958141ae553cc","sha1":"eb1a9a2246bc60ab6cfe9f31439a57b0c287ae23","sha256":"924279a64b5a46f605db18673a5d8a455e689426e93dea4bcae5f2b04c31db86","sha512":"38d760971938751a7cfa124be3490f8f9411f2c904dca4565f3651389947c5bf263d58faed9ce9df0a7452fa21206c55e37967af62adbe76c44a83b9cf681810","ssdeep":"1536:tITMFC4dbMVRSNcgRDWxqR6El4+2O/n+8RKPrFJZdhuawCaf:tVbmwOcXlW3hK","tlshash":"5873b745bb20392a42efe1a5957f070bf23a141aa50540ac786cdeed1f78958213ffbd","size":77716,"data":"","first_seen":"2023-12-29T10:09:08Z","last_seen":"2026-05-10T11:26:29.926171Z","times_seen":164,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","size":22762,"data":"","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-05-13T19:27:09.565169Z","times_seen":215656,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"introduction_type":"scriptElement","is_inline":false,"md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","size":87553,"data":"","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-05-13T19:27:09.558506Z","times_seen":820708,"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/toc-front-js-extra","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"0.0.0.0","port":0,"asn":0,"as":"","country":"","country_code":"ZZ"},"introduction_type":"scriptElement","is_inline":false,"md5":"e15c8e0cac58e9dd3cc7eb6fb2bc0288","sha1":"f5a6981879efb6c8a82fc6c16993eddb4113187d","sha256":"713941881ee12efd83a5a0a2ef1700616bc634a469e5ef097d7f9d10e8d40f1d","sha512":"39c64639a4ddeda8444d52d254b81bf776b93b1564c92bfa63142e693d8d849224cdc664b3ce1b8b55a9359863c9b5a79b0a5d9bb319179a1c24f072b3d31ce8","ssdeep":"","tlshash":"b1018c16c4ec2ce861949b33642616260e8d6d60c452060f88cc82081c34802c261a9c","size":763,"data":"","first_seen":"2026-04-24T05:53:12.794543Z","last_seen":"2026-05-08T08:08:33.736861Z","times_seen":60,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_30-150x150.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_30-150x150.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25767-5d09\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":23817,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"bbdc52ced08a0e6320f80fe5d12167a1","sha1":"fae6a5f41d53e8da20c060661d4f3bbd0186b5a9","sha256":"0876c997ecbac8430033d68a8bbee8ef83293eddc5be99408e5d8f521f887f5e","sha512":"51e0954207ccc1735c23b87d845a75a1c793e8eb22f689d7d40b864956cbb3b80fed2ea8c590d328b78e91987b314a4bbd377b51412ed0e5ff039a2559f18592","ssdeep":"384:RmXAgGh1xYMlr50pH3KDwu0caU0DFjj9an2NtVYtYn4vAU9v:RmPGHxYMl4aDGU0Dd5tGu4FZ","tlshash":"1bb2f2db6b0a0431e88d603e1f0967b87b9c089703e92ce7016a87cdd5fe4f4d185675","first_seen":"2026-05-04T06:26:17.868014Z","last_seen":"2026-05-08T08:08:33.722008Z","times_seen":3,"resource_available":false,"data":null}},"time_used":335,"timings":{"blocked":265,"dns":0,"connect":0,"send":0,"wait":69,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_38.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_38.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:39 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25773-14d151\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1364305,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"a21bf381f5f94a9ceb0378c39146c323","sha1":"95e8ec904292f6a4a64aa5120cf6fe344159ee81","sha256":"7dfecf829d63126edc24ede66fcd57f034bd8ef8a7a106eeb5e111e0a1fd5d11","sha512":"32e3ec4be45a592b6e3e40037ca7bfd4256a28150c5b181523fe88fe7020619dd4a802b5aef3ea26cb829af64574d993646c04163533e311652aa4e6864cac61","ssdeep":"24576:46aN8VNuoY6NXycM3B+Jqeqaw2xlpSlB+/0nRkoIMCw2o8pmlNWIPpBUI/IB:qiNI6dUIJXnSL+MRqbmFRCI0","tlshash":"9e25235d3d31b264ee4be6f8d64fa2c40d1486db51b580f1deb9c420edeae9403a1b4e","first_seen":"2026-05-04T06:26:17.881816Z","last_seen":"2026-05-08T08:08:33.726945Z","times_seen":3,"resource_available":false,"data":null}},"time_used":823,"timings":{"blocked":270,"dns":0,"connect":0,"send":0,"wait":132,"receive":421,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/fonts/7b559ac976e00d6217899516ce9452d8.css?ver=1.0","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.968Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/fonts/7b559ac976e00d6217899516ce9452d8.css?ver=1.0 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:05:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25686-2e0c\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":11788,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1572)","md5":"f3fd3121fe5ca7cac41123a61fd7f68b","sha1":"5d964d45e44a287b2bc8a73c4f90230216db133c","sha256":"523bfa04875722739094278d865a1df5ad3ecb7e3cf5f109b25cedf02627f107","sha512":"634b7ded0ec2f7bbf55c112a68dfb665a18362a6357e9b9f6a4ec21dcf2c819d4d0d6e7ab762538ec5f7e4fd9dd1c39e360643acd73b514fb633f6a034cbcc0f","ssdeep":"192:wsSAsQsdsG1svs7qbsXbqGIwV4RsqsDqsLsSus+sXsGPsVs7qxsXbqGIwV47sMs6:ggsqY40+uqY4z","tlshash":"3a322d90041b1900675359e5639e3e34de4fb362b188d065abfc8b5bdedada473b032e","first_seen":"2026-05-04T06:26:17.88471Z","last_seen":"2026-05-08T08:08:33.728561Z","times_seen":3,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":151,"dns":0,"connect":67,"send":0,"wait":63,"receive":0,"ssl":88},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXx-p7K4GLs.woff","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.280Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtZ6Hw5aXx-p7K4GLs.woff HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: font/woff\r\nContent-Length: 16524\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nConnection: keep-alive\r\nETag: \"69f25674-408c\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16524,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 16524, version 1.1","md5":"6d7eada12e52c17e7489a10407450079","sha1":"f5acea8e791c20555b5c5631abd44c4bca096a94","sha256":"4aa3db8cfd366be018ce81a276825ca0b837a1e5fcfaaa381101866a94d19c4c","sha512":"5dfa0e0fec8ab698a466ff0f6a9d09976641884a2f2fc5f0e9c16df6dbe9bc3e94b8d1069de6c0514a152a821535f5382f3c0879d32d40d8b56dd9bf22a2f46a","ssdeep":"384:eLXrmS4mamIp4JbtF1h97F+hoDwAQNWOiGEl7ntluyRFp:eLXrmS4mvI0F/9J+vAQ8bGEl+OD","tlshash":"2a72c0d0a0697b89c06178bb330f96934e5b934915b5af4a5121eecd7c1c89cf7e13e4","first_seen":"2023-04-11T16:38:13Z","last_seen":"2026-05-10T22:11:45.701246Z","times_seen":207,"resource_available":false,"data":null}},"time_used":105,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":70,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/fonts/cormorant-garamond/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-OxBSL_g.woff","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.293Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/fonts/cormorant-garamond/co3YmX5slCNuHLi8bLeY9MK7whWMhyjQEl5fvg-OxBSL_g.woff HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: font/woff\r\nContent-Length: 25804\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nConnection: keep-alive\r\nETag: \"69f25674-64cc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25804,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 25804, version 1.1","md5":"44615b8dbbac2aa61358452f8d6b520d","sha1":"13aa68b5ce2dfd03ab8c3d443ca7712a5baae961","sha256":"f8edf8d9a8af224e35112f2ae3a63396afcc90bd93763229f2f7ad07e88c36f2","sha512":"34887011aaf40b71533b989c143b77d685bc3a8351948ca5df1ee22e38f1f7aaddb31942cace43ab125d8f09457116ae23c8f8cafecbfa67f8bdedb904636a8d","ssdeep":"768:odNpH/1Mw+dUtmIXb94XNfhF+ICmfd2/H7sdic:odNpdV+dUtDXb6XNfLCmFpdic","tlshash":"15c2e17c05a023e0f139bbf8e7b18374dd963d4f151e96a991e640104ff97352552e8b","first_seen":"2024-12-08T00:28:00.369058Z","last_seen":"2026-05-12T20:38:04.905227Z","times_seen":114,"resource_available":false,"data":null}},"time_used":149,"timings":{"blocked":84,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_40.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"lazy-imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.555Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_40.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25776-1381b8\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1278392,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"8f562e6f64305a76b3115fcae905c85e","sha1":"f019db46f4c01b0b33ba205f5e6aa172805458d4","sha256":"7f33eee44435ce8ea63a5dda8f634664f016c0cf4ba49d5eb9a095407e00116d","sha512":"3f74f656eadb3e570223dec9a71463d9fab8d02c4b2c35b0f2518ba40e874ae08a15e0827d1196e5a57bbf51ce9be9f5c9bc644026fd8e84a2ffa1367e3271ef","ssdeep":"24576:EE7WbRDubokPyQcEl7t4szHPEduWim/oyC8UJ:9OGhPyQj7q0PF","tlshash":"c12533ff29b6f251ead2927e0b9e1c0edf3c8d6a431854001457a13aa54d3780b72b6f","first_seen":"2026-05-04T06:26:17.883766Z","last_seen":"2026-05-08T08:08:33.714755Z","times_seen":3,"resource_available":false,"data":null}},"time_used":346,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":282,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/jquery/jquery.min.js?ver=3.7.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.972Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery.min.js?ver=3.7.1 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 29 Apr 2026 18:37:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f24fe8-15601\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":87553,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65447)","md5":"826eb77e86b02ab7724fe3d0141ff87c","sha1":"79cd3587d565afe290076a8d36c31c305a573d18","sha256":"cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf","sha512":"fc79fdb76763025dc39fac045a215ff155ef2f492a0e9640079d6f089fa6218af2b3ab7c6eaf636827dee9294e6939a95ab24554e870c976679c25567ad6374c","ssdeep":"1536:0RUX9uDgwxcy2KVBNwchN6SLaHEk2BSrBESp+a/IEk4aAocVi8SMBQ47GKO:sHNwcv9VBQpLl88SMBQ47GKO","tlshash":"7483f8df77ca702247ab30b9006f550bf276199d684d4400f159d8e9bcb8a4a827bf7e","first_seen":"2023-11-03T09:26:43Z","last_seen":"2026-05-13T19:27:09.558506Z","times_seen":820708,"resource_available":true,"data":null}},"time_used":203,"timings":{"blocked":134,"dns":0,"connect":0,"send":0,"wait":68,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_38-150x150.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.974Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_38-150x150.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:39 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25773-61c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25027,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"56b1d86da6abe3b21754feb187f6a029","sha1":"b837c510b56eefd03042c38a807ea6fe0fd817db","sha256":"513e33643e29da4fe34f64b3b2020f7cd5deed43feb4566341251d03d6323c8f","sha512":"32b30e68acf03633e37c677c8fcf0640678db4d03625f76d65c1e17ba06ea0117396e4d6f48ee0b3b2a0e1bc50eb759e589bedde33cd90cda5239d5bb9a03b88","ssdeep":"384:pDICd18BjXj1G0r+2wptOZ0ypMnwNyFGS2CUwfDq6qzN0CRW1gvE:p0LxXZG0r+2wptrypXgFf2CUd4X","tlshash":"a0b2f2e9c67b8c43c3cc95589500339fc142d981a099b469804fcbd6bfb28959acb5fd","first_seen":"2026-05-04T06:26:17.865006Z","last_seen":"2026-05-08T08:08:33.730213Z","times_seen":3,"resource_available":false,"data":null}},"time_used":556,"timings":{"blocked":482,"dns":0,"connect":0,"send":0,"wait":73,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/js/main.js?ver=1.0.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.980Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/js/main.js?ver=1.0.4 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25674-12f94\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77716,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (31997), with CRLF line terminators","md5":"ad7a788668a12b0ebff958141ae553cc","sha1":"eb1a9a2246bc60ab6cfe9f31439a57b0c287ae23","sha256":"924279a64b5a46f605db18673a5d8a455e689426e93dea4bcae5f2b04c31db86","sha512":"38d760971938751a7cfa124be3490f8f9411f2c904dca4565f3651389947c5bf263d58faed9ce9df0a7452fa21206c55e37967af62adbe76c44a83b9cf681810","ssdeep":"1536:tITMFC4dbMVRSNcgRDWxqR6El4+2O/n+8RKPrFJZdhuawCaf:tVbmwOcXlW3hK","tlshash":"5873b745bb20392a42efe1a5957f070bf23a141aa50540ac786cdeed1f78958213ffbd","first_seen":"2023-12-29T10:09:08Z","last_seen":"2026-05-10T11:26:29.926171Z","times_seen":164,"resource_available":true,"data":null}},"time_used":335,"timings":{"blocked":203,"dns":0,"connect":0,"send":0,"wait":131,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_30.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.977Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_30.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:27 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25767-14367e\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1324670,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"96484cb3c1f19bc37293f2e48ca168ff","sha1":"e6fdfa763be487383734353759e231356c91a337","sha256":"52ed9804407bf1ec59d678351fb38ac47c0a96dfd33c05988e19bdd123b7c699","sha512":"94c647db760b76b162da6748e776ddc5e7a767b1f9eacbfbab1e146d681b725e1970928f7d0b0249301e8e038932b7a3c54ba4e2c00643d54ebbca7680dd0a9a","ssdeep":"24576:cDC+f4bTnrZy1tpKqs8iMBee5wI2KxE0iXAozcL6jnKg:p+hQN/MTw74iwdLbg","tlshash":"842523b6a9b7bd3adad3357652104968ce3e8c002db5ae61a951d0fcfc49f3113e4326","first_seen":"2026-05-04T06:26:17.870893Z","last_seen":"2026-05-08T08:08:33.732871Z","times_seen":3,"resource_available":false,"data":null}},"time_used":682,"timings":{"blocked":262,"dns":0,"connect":0,"send":0,"wait":67,"receive":353,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_23.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.978Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_23.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:16 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f2575c-15e037\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1433655,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 1024 x 1024, 8-bit/color RGB, non-interlaced","md5":"700b2b394db40ae366b66270624ae575","sha1":"4f66ec90e41160c669c29aab7165c92e7c815a27","sha256":"cc80ac93696b9a62401f752c24f18dbf553e071c8662d63e4e68290e5d69cef5","sha512":"b2e7ce02c2675d5155051e9be77f6d7fcf37ee9eb80cb749b7a0a96cb138398e1d3092c961572d995e568c5919f8dcd242183223a1631e173b2b72dec1fd22f0","ssdeep":"24576:Fp3UX4BvoiJy0rYvLW6Hqdka+D1Jtvo5CHHNUY:kt0+LW6KSagrwcZ","tlshash":"692523c745b332c9eec39c74554680f06ef24893f81e002245f9994aefdbc598da66eb","first_seen":"2026-05-04T06:26:17.871824Z","last_seen":"2026-05-08T08:08:33.733661Z","times_seen":3,"resource_available":false,"data":null}},"time_used":905,"timings":{"blocked":464,"dns":0,"connect":0,"send":0,"wait":79,"receive":362,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/page/2/","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"other","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.915Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /page/2/ HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nX-Moz: prefetch\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:16 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 13438\r\nConnection: keep-alive\r\nLink: \u003chttps://metemask.com.co/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.2","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Yoast SEO Premium:27.2","description":"Yoast SEO Premium is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO"]},{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]}],"data":{"size":70738,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10158), with CRLF, LF line terminators","md5":"8dd77d19f925acfa9b77f73fa733fefe","sha1":"d4446affbaa494deaca47ff5f72f1f5d77ed48e0","sha256":"0cbe9c5c34be3694457d7277e57feb127559f273c050b4369dad9de727984278","sha512":"e369396d5cd31c635f7abd8d6f4cf10bbbed72733f4140d26d40d5a563eabb88c5b3a13ed379f8c890ea2b3daf2344c1aeea18156c05ab4c7a27a7a869115161","ssdeep":"1536:6beypjAuRJQ/QhBhW2pe5iN7tSNHwzseGzkN:6b3uuUmBndseGzkN","tlshash":"3963f773a3dc45f13a2e935bc0a07608945adf36c69696d8f1fc4168cbcada640b330e","first_seen":"2026-05-04T06:26:17.882862Z","last_seen":"2026-05-08T08:08:33.713859Z","times_seen":3,"resource_available":false,"data":null}},"time_used":394,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":393,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/cropped-metamask-32x32.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:16.010Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/cropped-metamask-32x32.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:16 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:11:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f257f2-663\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1635,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced","md5":"e4186fd0bf7025146b5042a8dc15ac78","sha1":"c85d90d3c57fef3431bc2e0e8b93c2dd0dd9c30e","sha256":"96a1e7bb624fe53c3fd26d2b739a06a85b4c550a3c2e087e0f07974f4c77c2fe","sha512":"7323a0f3c36cddebe487ab83ca2f57c9e9fcda3ad5ee0de91c4d8abb94da84c288c6dfd3f02516587669b79618c3c73715fbc10c7c922edd470762a2af8d6dd0","ssdeep":"","tlshash":"d5313cd332960968cc7b4a2097ea294968d3cb1a1ca95c6cb395f0b34678571440ee01","first_seen":"2026-04-25T07:20:49.188017Z","last_seen":"2026-05-08T08:08:33.720212Z","times_seen":4,"resource_available":false,"data":null}},"time_used":64,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/style.css?ver=6.9.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.965Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/style.css?ver=6.9.4 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25674-11ff2\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":73714,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (3184), with CRLF line terminators","md5":"a21d343957df90b2e4fcc3dfb5b830f4","sha1":"70431a7a53bef81804e0d1a9913cff98a055545e","sha256":"01bb7c2ce7f55da20719a79e6363e5a9d9d115e16d7130f65205524c5879b25b","sha512":"12f146d7bebae9a62a993d9c26f79d79490594da099043aa37076fc84e810e5080dbd7797a8d3e740630ecd0ec5123ed104f440ad5b37aa7e01973ef5a867292","ssdeep":"768:9VUgnwR+Zi9ZtwChdGCBnc8DvMbM8dzSHZ0qw:9VUgwR+odBhdGCBnc8DmqZ0B","tlshash":"ce737598de811146b232cbb1bba66776fb2d40239b0240b4bed45204cf75b9d46adfcd","first_seen":"2025-01-07T15:52:56.939344Z","last_seen":"2026-05-10T22:11:45.681209Z","times_seen":192,"resource_available":false,"data":null}},"time_used":141,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":65,"receive":19,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful-halo-blog/style.css?ver=1.0.0","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.966Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful-halo-blog/style.css?ver=1.0.0 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:05:22 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25672-3c0a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":15370,"size_decoded":0,"mime_type":"text/css","magic":"Unicode text, UTF-8 text, with very long lines (878)","md5":"c8805423f488257a8ca867b5b924e36e","sha1":"20f941b14662e75eb7552faf2a11efe05c69d321","sha256":"61d20134147367a75984a7c92750805e39c4f09d06a7d076de5336f3199a2611","sha512":"0cdc7adff202783fd6680f2ea1a44f76463ce6b3943e5b5ee84d17838abcd18311d6aa885f018b138e08541825d5bd30e0ad8eb46460aac0cdc319d7e8a409fd","ssdeep":"384:fWszAZrjh9Jf+ZZdFA9E01zFBnJK056gojSVHKauE:7zMjh9mZdFAKYBnX56A","tlshash":"a36233aadef708853526d2666fb9ea81f7ac4143d14ec8e4bfc4610c8f45bd444aeb4c","first_seen":"2025-10-28T00:42:06.117737Z","last_seen":"2026-05-09T04:41:13.806727Z","times_seen":69,"resource_available":false,"data":null}},"time_used":384,"timings":{"blocked":153,"dns":1,"connect":68,"send":0,"wait":64,"receive":0,"ssl":93},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/css/woocommerce.css?ver=6.9.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.971Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/css/woocommerce.css?ver=6.9.4 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25674-628d\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25229,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with CRLF line terminators","md5":"cb815d04be6902aa32cc7a365c5b9bcf","sha1":"f890853f08ba9269a8ae5a89d5851e834800714b","sha256":"cc03e1b059de848940de9dfe7912347bd231f69604ee79d6264b85be37721e12","sha512":"4cb77e58092e41ca90a42f3e25de467441fd93420a3d4ba145e578ba36688f9fc1cde81509a4c402e843791c293a47c2c71b38c32bc4bd197334c16013656556","ssdeep":"192:HUdKHqg2X22WrQ7P5OhydRhOgKSmUBH8pk8x8mxh8Xdq7WRKcf+qyvI9mVoq55df:IZt7B8UBcxe6W8ITC7mjS1","tlshash":"6eb2978fddb1480673fae9b46f6575d5fd01407b6a440620bca06b098be85ef221ef8d","first_seen":"2023-12-29T10:09:08Z","last_seen":"2026-05-10T22:11:45.682805Z","times_seen":211,"resource_available":false,"data":null}},"time_used":379,"timings":{"blocked":149,"dns":0,"connect":66,"send":0,"wait":66,"receive":0,"ssl":73},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/plugins/table-of-contents-plus/front.min.js?ver=2411.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.979Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/plugins/table-of-contents-plus/front.min.js?ver=2411.1 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 29 Apr 2026 19:03:22 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f255fa-180f\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":6159,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (6159), with no line terminators","md5":"579971209b4a0594503eb32f73dc55cd","sha1":"538f77a685391e4b75fe534eca2a2c8793c7d4b4","sha256":"c18f5c0855f4b76c30dd796f7164f9d1bb23c2c85b070cfad938787a214a2639","sha512":"926afec2644e8cf1437b551561b7fb19a03776dce89d20c29f32674a02844fb461d350145341b45a86122d6589485a48689028a3b9f734be9bc864d5e83259fc","ssdeep":"96:11KOglvWRd5tBYGLA/cpk5PF/RlDzxBtuhWIZAAO2Sbl34nXpCVd7:HKVlvW75taGLtKFDVBIhWyAAOTB344VZ","tlshash":"95d1c85b70aa902411ff5227d12b0905f27c69779645244ae18ceeb41db8f6820bfffd","first_seen":"2023-03-13T21:07:02Z","last_seen":"2026-05-13T16:04:50.002193Z","times_seen":5574,"resource_available":true,"data":null}},"time_used":267,"timings":{"blocked":204,"dns":0,"connect":0,"send":0,"wait":63,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/wp-emoji-release.min.js?ver=6.9.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.415Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-includes/js/wp-emoji-release.min.js?ver=6.9.4 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 29 Apr 2026 18:37:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f24fe8-58ea\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":22762,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (19823)","md5":"f0cc9ba5cf46af0cd73d521803e3b07e","sha1":"7d2a74f87dc70a39eccce3bae1d4cc404cb134f4","sha256":"fd59b0ebf6282ed71647bf2f6e0d1925bbfd1f270865a832079ebb60259aabca","sha512":"7ec44f08676c195547a623504c7105ef3d0acea5839675599598043f3e0b5a3386452e3db6fbea90722f7be9e6effdae1b89c49e2b05b22b8c415616e07d471d","ssdeep":"384:WzevzApRZTbXU/3o//bEPhXgA5POkpJTX:Wsk9XU/3o//YpXgAs+hX","tlshash":"7fa2959ba33a4e8f343e3bd78d968f4dc9da555321c0e079dbefb6c169a00568274c80","first_seen":"2025-11-10T19:52:32.864936Z","last_seen":"2026-05-13T19:27:09.565169Z","times_seen":215656,"resource_available":true,"data":null}},"time_used":91,"timings":{"blocked":26,"dns":0,"connect":0,"send":0,"wait":65,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2411.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.963Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/plugins/table-of-contents-plus/screen.min.css?ver=2411.1 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:14 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:03:22 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f255fa-484\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":1156,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text, with very long lines (1156), with no line terminators","md5":"c36a54231034d43c59838cffd223ae0e","sha1":"2d28ea215858ad20b347db91ba63b877d506f751","sha256":"2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b","sha512":"b2e90b20fcb6204554d6b349acfb8b90b0a2a6a6f20289514c7292dac396628970a45e4909793f554037c955ed36ac970ba5e22776875b3d6f28aac2209bc0f9","ssdeep":"","tlshash":"5f21c2510bd6743cb83b826ee6ecc5a3ba6cd51bd1e66d71b125e0d2c0f8079015368a","first_seen":"2023-04-05T06:24:45Z","last_seen":"2026-05-13T16:04:50.00105Z","times_seen":6226,"resource_available":false,"data":null}},"time_used":72,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":70,"receive":2,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.973Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: application/javascript; charset=utf-8\r\nLast-Modified: Wed, 29 Apr 2026 18:37:28 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f24fe8-3509\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":13577,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (13479)","md5":"9ffeb32e2d9efbf8f70caabded242267","sha1":"3ad0c10e501ac2a9bfa18f9cd7e700219b378738","sha256":"5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89","sha512":"8d6be545508a1c38278b8ad780c3758ae48a25e4e12eee443375aa56031d9b356f8c90f22d4f251140fa3f65603af40523165e33cae2e2d62fc78ec106e3d731","ssdeep":"192:5rprDN+sag6ifKIUpQI99P1tLm9kdgyq1+J3aCJQ+h4MPLORq:5rprxaefKI0LP19m4q1WW+h4Mjp","tlshash":"9952c8adb56679724eb721b8f03bd24f71b205de560d8940d19cc4f6282dc6e812bf78","first_seen":"2023-05-09T19:21:05Z","last_seen":"2026-05-13T19:27:09.560136Z","times_seen":759046,"resource_available":true,"data":null}},"time_used":266,"timings":{"blocked":202,"dns":0,"connect":0,"send":0,"wait":64,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/fonts/cormorant-garamond/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtMky2F7g.woff","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.275Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/fonts/cormorant-garamond/co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtMky2F7g.woff HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: font/woff\r\nContent-Length: 26364\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nConnection: keep-alive\r\nETag: \"69f25674-66fc\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":26364,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 26364, version 1.1","md5":"7c775be9e51588636ca9638a390c6dab","sha1":"d95a38a460aebdd514fb610bf9a8612ba1e3c6cd","sha256":"de615a59f9edd6fc4ffd1727e707b037f0f86f0d0bc24ff91018bfe2be515672","sha512":"61e3b3f81b80af98bab20fa2d984ead21f122f024e93facbc45500c9d08f28fe1b5f7bfdfe77c30cd63fe52f8c5d5afc1191ceed7df541814d3f97f67b3a1dda","ssdeep":"768:XviNNHG9BDoQELKSSIcZRQEKIieei1o2Rsh0H7sdic:fiz4gdDIjei0hFdic","tlshash":"3ec2e148555d0f8496f8e0b3eacfc652ee6846d90d1757c1e89c11022317c5fb6b6897","first_seen":"2023-07-17T12:02:43Z","last_seen":"2026-05-10T22:11:45.724406Z","times_seen":206,"resource_available":false,"data":null}},"time_used":102,"timings":{"blocked":35,"dns":0,"connect":0,"send":0,"wait":66,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/fonts/fontawesome-webfont.woff2?v=4.7.0","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.286Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/wp-content/themes/graceful/assets/css/font-awesome.css?ver=6.9.4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: font/woff2\r\nContent-Length: 77160\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nConnection: keep-alive\r\nETag: \"69f25674-12d68\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":77160,"size_decoded":0,"mime_type":"font/woff2","magic":"Web Open Font Format (Version 2), TrueType, length 77160, version 4.459","md5":"af7ae505a9eed503f8b8e6982036873e","sha1":"d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c","sha256":"2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe","sha512":"838fefdbc14901f41edf995a78fdac55764cd4912ccb734b8bea4909194582904d8f2afdf2b6c428667912ce4d65681a1044d045d1bc6de2b14113f0315fc892","ssdeep":"1536:/MkbAPfd1vyBKwHz4kco36ZvIaBfRPlajyXUA2jVTc:L0nXnHdfRVEAS2","tlshash":"7d7302e63b6c4943e03d6460708abe9f104b3ab42fe057e5c876db7f2722992b71552c","first_seen":"2023-04-05T03:30:47Z","last_seen":"2026-05-13T19:18:49.448942Z","times_seen":465785,"resource_available":true,"data":null}},"time_used":220,"timings":{"blocked":90,"dns":0,"connect":0,"send":0,"wait":64,"receive":66,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXx-p7K4GLs.woff","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.329Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCu173w5aXx-p7K4GLs.woff HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: font/woff\r\nContent-Length: 16364\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nConnection: keep-alive\r\nETag: \"69f25674-3fec\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16364,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 16364, version 1.1","md5":"7a442739544439a189d4f9b178c98c6b","sha1":"2c06693a4729f9cac9fce202543682b9b2719c99","sha256":"5f7a28913dfaf24ae02d546cda0a3e2cb28df0b83757e1bb8383baac7ed72460","sha512":"c8f2140905c21fe43df7c6ade66209d2c95c82858ced7f0d5db65ef303a49a63b09842b56bdb2c12c650aa4914c368958109e70098139212d751307ed714b64d","ssdeep":"384:qUhjso5PubbnMGGk1ijQIZO7aNnP7ps6uvubdn:qUhjJ9zI2P7ps6L","tlshash":"e172d059afad5247c8c21b3784552ede1364524ca0b648473dce0389784ccee1ae8eff","first_seen":"2023-05-04T17:46:57Z","last_seen":"2026-05-10T11:26:29.938278Z","times_seen":205,"resource_available":false,"data":null}},"time_used":127,"timings":{"blocked":57,"dns":0,"connect":0,"send":0,"wait":69,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.970Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25674-32ab\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":12971,"size_decoded":0,"mime_type":"text/css","magic":"ASCII text","md5":"d0fed6b42726628283844b4705588092","sha1":"097ecc1853e7d2d8b7aba7e5ea5268699f7ea8aa","sha256":"2c7fa10424f4737652ebaeec1c9a116414f156346a19ccc42329380620c17735","sha512":"d12335198a5e8bec7871add33722adfd05c87da1b3d8abdc232fdc82f4ae63516cd618208b0f6b8f942a471054694ea03c432edc0d8ff9b71192d1f13dba489d","ssdeep":"192:rAbFE861L6M0iDdykw5+9loRuPXboX6TXcX44XRXjvXSMX7Xg/XAXjSXS1XeXgi4:sa7LMy1jqawxqcH","tlshash":"5c42db8010263200d7471cda33db3e25ce5e75567151ca392ffc1ca5aeeed2623a8b6e","first_seen":"2023-12-29T10:09:08Z","last_seen":"2026-05-10T22:11:45.722743Z","times_seen":211,"resource_available":false,"data":null}},"time_used":377,"timings":{"blocked":149,"dns":1,"connect":66,"send":0,"wait":63,"receive":0,"ssl":79},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_23-150x150.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.975Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_23-150x150.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:16 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f2575c-6554\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":25940,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"f2a46224634f3032403c1e68d852880b","sha1":"a2977cea50b294dc05fbdbfaaea794f8401f195f","sha256":"50df4ceb451d1220a5e0964b199f838c17ff4bc81db13b18ba7af9ff05ffa146","sha512":"88004a587305436e59d3298814e156d518d74f5a78004a8626b924183a307d611de8cb2c7f6619f7f593ce7659531dd6c0672eb78f8b0c100bae7c7e7b1b436e","ssdeep":"768:C47dUz5RVwLc9Dg6vjRM4uZqO1eBhYg6+0zI:C9zbVPD3rR+JezV6+0zI","tlshash":"86c2e1ca43dd3e964b01c6e6aaa3e9154fb01df479223056e12793b8ccbd7d938f2850","first_seen":"2026-05-04T06:26:17.877233Z","last_seen":"2026-05-08T08:08:33.723679Z","times_seen":3,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":264,"dns":0,"connect":0,"send":0,"wait":68,"receive":67,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/metamask_40-150x150.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"imageset","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.976Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/metamask_40-150x150.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:09:42 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25776-54c3\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":21699,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 150 x 150, 8-bit/color RGBA, non-interlaced","md5":"da303f003bbb66b9d3ec98b9a0f304f2","sha1":"c0f425ab45830d4361bf3dd7907854b0ad507bae","sha256":"ca68cc58aef247149fa17858b2bb4670559497783b496815d66f1fa8202da81d","sha512":"fb14c2dfe2c416cca8399eafdfb966f41919e02c4789dd020633b25dd4b1ab91ff9d613ad3c05845b84610707ec37c3d458affe425a8ccb4d26736b5c3f0b2c3","ssdeep":"384:kZwS2CrSUL2k1TG+5sgi8eNCmXYPTTivL6/Y5HrbDCQo6OW:Q5GU9RBBfPTTiT0YHv+QUW","tlshash":"e1a2e18757ee7cfc89d25002bb7b812b81273891865e6d1634fa6b2913fca555b23290","first_seen":"2026-05-04T06:26:17.880835Z","last_seen":"2026-05-08T08:08:33.724426Z","times_seen":3,"resource_available":false,"data":null}},"time_used":399,"timings":{"blocked":264,"dns":0,"connect":0,"send":0,"wait":70,"receive":65,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/uploads/2026/04/cropped-metamask-192x192.png","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:16.008Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/uploads/2026/04/cropped-metamask-192x192.png HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:16 GMT\r\nContent-Type: image/png\r\nLast-Modified: Wed, 29 Apr 2026 19:11:46 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f257f2-39cd\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":14797,"size_decoded":0,"mime_type":"image/png","magic":"PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced","md5":"475df0613741a7b22788bb45cf733cf5","sha1":"5d4ecb5f29e8bffd2a4cf0097714035e8667287d","sha256":"578abb6077d6e97475adfcc7d79dcc8351f366dadef33cc143e96bd819d860a9","sha512":"4abde3ef808be90f1de47df8d02ad339e16ff23bd0641e4f031799deb39fe1439e1d0a1ce5ecf982120c9778fb141bc16845df98e18d7999db1641840c2b6735","ssdeep":"384:xcaIBgG5+ZCRStQ5nV+e+fL/v0Yg6RxLIvV6de:xcaI3bsbe+T/cYzUv8e","tlshash":"d762d0e751fbe13422a08e6bdf209d14307369c039e509a55b747d80c6c6b9337c7486","first_seen":"2026-04-25T07:20:49.1615Z","last_seen":"2026-05-08T08:08:33.719384Z","times_seen":4,"resource_available":false,"data":null}},"time_used":65,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":64,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-08T08:07:14.074Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:14 GMT\r\nContent-Type: text/html; charset=UTF-8\r\nContent-Length: 13678\r\nConnection: keep-alive\r\nLink: \u003chttps://metemask.com.co/wp-json/\u003e; rel=\"https://api.w.org/\"\r\nVary: Accept-Encoding\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"PHP","description":"PHP is a general-purpose scripting language used for web development.","website":"https://php.net","common_platform_enumeration":"cpe:2.3:a:php:php:*:*:*:*:*:*:*:*","icon":"PHP.svg","categories":["Programming languages"]},{"name":"WordPress Block Editor","description":"Sites using the WordPress Block Editor, also known as Gutenberg.","website":"https://wordpress.org/gutenberg/","common_platform_enumeration":"","icon":"WordPress.svg","categories":["Page builders"]},{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]},{"name":"WordPress:6.9.4","description":"WordPress is a free and open-source content management system written in PHP and paired with a MySQL or MariaDB database. Features include a plugin architecture and a template system.","website":"https://wordpress.org","common_platform_enumeration":"cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*","icon":"WordPress.svg","categories":["CMS","Blogs"]},{"name":"jQuery Migrate:3.4.1","description":"Query Migrate is a javascript library that allows you to preserve the compatibility of your jQuery code developed for versions of jQuery older than 1.9.","website":"https://github.com/jquery/jquery-migrate","common_platform_enumeration":"","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Yoast SEO:27.2","description":"Yoast SEO is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO","WordPress plugins"]},{"name":"jQuery","description":"jQuery is a JavaScript library which is a free, open-source software designed to simplify HTML DOM tree traversal and manipulation, as well as event handling, CSS animation, and Ajax.","website":"https://jquery.com","common_platform_enumeration":"cpe:2.3:a:jquery:jquery:*:*:*:*:*:*:*:*","icon":"jQuery.svg","categories":["JavaScript libraries"]},{"name":"Yoast SEO Premium:27.2","description":"Yoast SEO Premium is a search engine optimisation plugin for WordPress and other platforms.","website":"https://yoast.com/wordpress/plugins/seo/","common_platform_enumeration":"","icon":"Yoast SEO.png","categories":["SEO"]},{"name":"MySQL","description":"MySQL is an open-source relational database management system.","website":"https://mysql.com","common_platform_enumeration":"cpe:2.3:a:mysql:mysql:*:*:*:*:*:*:*:*","icon":"MySQL.svg","categories":["Databases"]}],"data":{"size":76724,"size_decoded":0,"mime_type":"text/html; charset=UTF-8","magic":"HTML document, Unicode text, UTF-8 text, with very long lines (10158), with CRLF, LF line terminators","md5":"fb3abbe2410f9fe092033acbe0a8b392","sha1":"e336769e6882e486bca74895120abdfcf44732f8","sha256":"9ea1f5edee8ae21944916b999f9a49d54f91d73cfc291cdd4c10f4a3718731f7","sha512":"8e92c91ed81cd78a222c815ed06934bd4fb679ad3c3060e942e1310470b60970556e261f1955f9bc993bd0819904d687b1ebd9e01e560469cd5df5387ae1fce5","ssdeep":"1536:UbeypjAuRJQ/QhBQW2774/k1ta3lDwkseGzkN:Ub3uuUmBDseGzkN","tlshash":"5773e772a3dc45f13a3e934ac0a47a08945adf37c69686d8f2fc4169dbc9da6407370e","first_seen":"2026-05-04T06:26:17.869481Z","last_seen":"2026-05-08T08:08:33.710415Z","times_seen":3,"resource_available":true,"data":null}},"time_used":911,"timings":{"blocked":226,"dns":91,"connect":64,"send":0,"wait":458,"receive":1,"ssl":69},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/css/font-awesome.css?ver=6.9.4","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:14.969Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/css/font-awesome.css?ver=6.9.4 HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: text/css\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nETag: W/\"69f25674-922a\"\r\nContent-Encoding: gzip\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":37418,"size_decoded":0,"mime_type":"text/css","magic":"troff or preprocessor input, ASCII text, with very long lines (372)","md5":"47d7fe208247982b7c64b17919172c23","sha1":"c85b427f50a9e5bc0229606dc4865ec4f4e18258","sha256":"e0d588eb359ce6662fcbfbe264e2d018285f027111afecc7234c49e9b9014fef","sha512":"e0ec128103723abd07cdaaed19b72867168e6b6a5ca7227559c9521f672ef971cb4c21a9123c91066585bb5e3db12f2b23f58d9d680a292faacc727f068d4a2c","ssdeep":"768:mmMtI+A4CSIDqvnI+YTBrFPvVrJjhiRAiiFL:mXtI+A4GDUI+Y9rpVljhiIFL","tlshash":"0af241ece5bf18904391e0d16386a370bb3dbb2c8d4a6d5cd2a6798cb1c1255d2c63ed","first_seen":"2023-12-29T10:09:08Z","last_seen":"2026-05-10T22:11:45.721859Z","times_seen":210,"resource_available":false,"data":null}},"time_used":381,"timings":{"blocked":150,"dns":1,"connect":67,"send":0,"wait":65,"receive":0,"ssl":83},"alerts":{"ids":null,"analyzer":[{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null},{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null}],"urlquery":null}},{"url":{"schema":"https","addr":"metemask.com.co/wp-content/themes/graceful/assets/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff","fqdn":"metemask.com.co","domain":"metemask.com.co","tld":"com.co"},"ip":{"addr":"178.16.54.40","port":443,"asn":40999,"as":"dus.net GmbH","country":"Germany","country_code":"DE"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://metemask.com.co/","date":"2026-05-08T08:07:15.282Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_256_GCM_SHA384","key_group_name":"x25519","signature_name":"RSA-PSS-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"metemask.com.co","organization":""},"issuer":{"commonName":"R12","organization":"Let's Encrypt"},"validity":{"start":"Wed, 29 Apr 2026 18:02:54 GMT","end":"Tue, 28 Jul 2026 18:02:53 GMT"},"fingerprint":{"sha1":"C6:14:94:F1:44:8A:65:59:76:17:D7:8C:A1:98:D0:D8:7D:4F:B1:9A","sha256":"78:D0:8F:99:F3:C9:73:59:E2:3B:7F:E7:5F:71:81:3E:6E:C7:94:6B:64:FF:BD:91:02:58:C7:59:30:5B:B4:C0"}}},"request":{"raw":"GET /wp-content/themes/graceful/assets/fonts/montserrat/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXx-p7K4GLs.woff HTTP/1.1\r\nHost: metemask.com.co\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: identity\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://metemask.com.co/wp-content/themes/graceful/assets/css/google-fonts.css?ver=6.9.4\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/1.1 200 OK\r\nServer: nginx/1.28.0\r\nDate: Fri, 08 May 2026 08:07:15 GMT\r\nContent-Type: font/woff\r\nContent-Length: 16568\r\nLast-Modified: Wed, 29 Apr 2026 19:05:24 GMT\r\nConnection: keep-alive\r\nETag: \"69f25674-40b8\"\r\nAccept-Ranges: bytes\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Nginx:1.28.0","description":"Nginx is a web server that can also be used as a reverse proxy, load balancer, mail proxy and HTTP cache.","website":"https://nginx.org/en","common_platform_enumeration":"cpe:2.3:a:f5:nginx:*:*:*:*:*:*:*:*","icon":"Nginx.svg","categories":["Web servers","Reverse proxies"]}],"data":{"size":16568,"size_decoded":0,"mime_type":"font/woff","magic":"Web Open Font Format, TrueType, length 16568, version 1.1","md5":"23facbf845d56af99e5a7d8d6eb0b74e","sha1":"b0270e9c1081ba45dc2d7bee632e30770ac1fe1b","sha256":"06740bed37ae127653a71aafd5ef45de0238e7622639a9ab6dbf1f2144890a0c","sha512":"a32d448d6977b4bc06fbfada1d6f72be737bab9efb2786bacc13a7542db3915646c5543d5ccf6a3d13b7d07ab291f22f899a9945699862be6d5a55f24e6722a0","ssdeep":"384:66SG/HU8idxUsnaub7wCzJJKQGp+FohCaSaYN13hOiUYYw/tM:/08mlNz3Yc4Caw3ojY//C","tlshash":"1b72e06a2e05e699df06b071fca89388b271f06028525f53fec2e416cfdad519784bf4","first_seen":"2023-04-05T08:20:12Z","last_seen":"2026-05-10T22:11:45.730797Z","times_seen":277,"resource_available":false,"data":null}},"time_used":159,"timings":{"blocked":93,"dns":0,"connect":0,"send":0,"wait":65,"receive":1,"ssl":0},"alerts":{"ids":null,"analyzer":[{"sensor_name":"dns4eu","sensor_type":"DNS","title":"DNS4EU","description":"DNS4EU","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"","link":"https://www.joindns4.eu/","meta":null},{"sensor_name":"quad9","sensor_type":"DNS","title":"Quad9 DNS","description":"Quad9 DNS","scan_date":"2026-05-08","alert":"Sinkholed","trigger":"metemask.com.co","verdict":"malicious","severity":"medium","comment":"Sinkholed in DNS","link":"https://www.quad9.net","meta":null},{"sensor_name":"opendns","sensor_type":"DNS","title":"OpenDNS","description":"OpenDNS","scan_date":"2026-05-08","alert":"Phishing Block","trigger":"metemask.com.co","verdict":"phishing","severity":"medium","comment":"","link":"https://www.opendns.com/","meta":null}],"urlquery":null}}]}