Report - www.mymetamask-support.xyz/meta/CrYpTo.php

Report Overview

Submitted URL
www.mymetamask-support.xyz/meta/CrYpTo.php
IP
169.239.129.37
ASN
#61138 Zappie Host LLC
Submitted
2023-05-22 01:16:51
Access
public
Website Title
Final URL
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
29
Network Intrusion Detection
0
Threat Detection Systems
66

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-21	2.0 kB	4.2 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-21	919 B	5.0 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2023-05-22	4.8 kB	132 kB	216.58.207.227
accdn.lpsnmedia.net	3410	2010-08-04	2014-02-08	2023-05-21	1.5 kB	38 kB	178.249.97.99
www.gstatic.com	unknown	2008-02-11	2016-07-26	2023-05-21	7.3 kB	902 kB	142.250.74.35
forms.hsforms.com	5160	2013-09-18	2018-03-07	2023-05-21	493 B	6.9 kB	104.17.210.243
www.mymetamask-support.xyz	unknown	2023-05-17	2023-05-18	2023-05-22	20 kB	2.0 MB	169.239.129.37
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-05-21	660 B	1.9 kB	172.64.155.188
www.google.com	7	1997-09-15	2015-05-10	2023-05-21	5.3 kB	145 kB	142.250.74.132
perf.hsforms.com	10768	2013-09-18	2020-07-03	2023-05-21	517 B	1.1 kB	104.17.210.243
metamask.io	81413	2015-07-02	2015-11-15	2023-05-21	876 B	34 kB	185.199.111.153
js.hsforms.net	7264	2013-09-18	2013-09-26	2023-05-21	956 B	172 kB	104.16.186.65
lpcdn.lpsnmedia.net	3501	2010-08-04	2014-04-27	2023-05-21	1.2 kB	81 kB	178.249.97.98

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-05-21	medium	www.mymetamask-support.xyz/meta/CrYpTo.php

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-22	medium	www.mymetamask-support.xyz/meta/CrYpTo.php
2023-05-22	medium	www.mymetamask-support.xyz/CrYpTo.php
2023-05-22	medium	www.mymetamask-support.xyz/
2023-05-22	medium	www.mymetamask-support.xyz/unlocked.php
2023-05-22	medium	www.mymetamask-support.xyz/
2023-05-22	medium	www.mymetamask-support.xyz/meta/css
2023-05-22	medium	www.mymetamask-support.xyz/meta/plx.chock.js
2023-05-22	medium	www.mymetamask-support.xyz/meta/webfont.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/tag.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/analytics.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/enterprise.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/js
2023-05-22	medium	www.mymetamask-support.xyz/meta/recaptcha__nl.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/storage.secure.min.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
2023-05-22	medium	www.mymetamask-support.xyz/meta/v2.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
2023-05-22	medium	www.mymetamask-support.xyz/meta/mm-logo.svg
2023-05-22	medium	www.mymetamask-support.xyz/meta/jsonp
2023-05-22	medium	www.mymetamask-support.xyz/meta/webflow.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/EuclidCircularB-Regular-WebXL.woff2
2023-05-22	medium	www.mymetamask-support.xyz/meta/EuclidCircularB-Bold-WebXL.woff2
2023-05-22	medium	www.mymetamask-support.xyz/meta/saved_resource.html
2023-05-22	medium	www.mymetamask-support.xyz/meta/anchor.html
2023-05-22	medium	www.mymetamask-support.xyz/meta/saved_resource(1).html
2023-05-22	medium	www.mymetamask-support.xyz/meta/bframe.html
2023-05-22	medium	www.mymetamask-support.xyz/meta/recaptcha__nl.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/recaptcha__nl.js.download
2023-05-22	medium	www.mymetamask-support.xyz/meta/saved_resource(2).html
2023-05-22	medium	www.mymetamask-support.xyz/meta/bframe.html
2023-05-22	medium	www.mymetamask-support.xyz/meta/anchor.html

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (52)

	URL	Size	First Seen	Last Seen
	www.mymetamask-support.xyz/meta/bframe.html	75 B	2023-03-07	2024-04-26
Pretty URL www.mymetamask-support.xyz/meta/bframe.html IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15:59 Last Seen2024-04-26 07:08:22 Times Seen10399 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit	1.0 kB	2023-05-20	2023-05-25
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 01:57:07 Last Seen2023-05-25 20:35:39 Times Seen28 Hash ac459b16a2293671fc32543b590b5fd1 8dddce81e27fd60e82befe9c263f2e4d71f53eaf 9c94074f205af8c20e34c994f21fc657bb0f9fdbbabdb1aa9fd1e7abd35cac1b Loading...

	www.mymetamask-support.xyz/meta/bframe.html	175 B	2023-03-07	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/bframe.html IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:36 Last Seen2024-04-12 19:27:19 Times Seen275 Hash 117ee3a6ec35b36713c5e48205ff5fce 8f892b6a14a32c6e5e1cf000d06b18535a7b6238 7317f1aa4ede14314da978897b86477afe5fbc7b634899c0e33a740ca235e675 Loading...

	www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js	418 kB	2023-05-18	2023-06-28
Pretty URL www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 01:27:56 Last Seen2023-06-28 00:20:35 Times Seen22262 Hash 213e1a6e418f3df36f2ec077314ef525 7a553e545a48271f3afec47b3ed5f3518cfdd7b4 ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d Loading...

	www.mymetamask-support.xyz/unlocked.php	73 B	2023-03-07	2024-04-06
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24:43 Last Seen2024-04-06 20:09:38 Times Seen403 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	www.mymetamask-support.xyz/unlocked.php	181 B	2023-03-07	2024-04-26
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17:43 Last Seen2024-04-26 06:38:02 Times Seen3768 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	www.google-analytics.com/analytics.js	4.7 kB	2023-04-11	2024-04-26
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-26 07:08:22 Times Seen341822 Hash f24128d0c9cba7be2916c693427a3483 1b6397d496ea896ebc2018b01b995cee4f166029 58173de4697da1a218f04c3a783a733bab4e769ceabc37cd42da9dc3e036a7e8 Loading...

	www.mymetamask-support.xyz/meta/v2.js.download	579 kB	2023-03-09	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/v2.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:20 Times Seen197 Hash d3b2366c9977c975fc6abdc6a119c361 ed6031ba0b0efe5b77acd0382f8d647f2cc88018 7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25 Loading...

	www.mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download	90 kB	2023-03-07	2024-04-26
Pretty URL www.mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 07:07:48 Times Seen139338 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	www.mymetamask-support.xyz/unlocked.php	274 B	2023-03-13	2023-05-22
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 03:12:09 Last Seen2023-05-22 03:16:56 Times Seen3 Hash 353230b8b5eccdcd5033edd693ec98ac f66079ec890e080181a4bc1fb68dbd0a89150792 65c335228ad6d36e3737c89b0b4c33ab0dfd49a8a85d00948f35dd9a49e3572c Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB	3.4 kB	2023-05-22	2023-06-17
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 03:16:56 Last Seen2023-06-17 01:40:09 Times Seen4 Hash efc764ea52ba49f7a2f172d9426a27ba 407eb11ddf9985df4ab9e066f4650ff40e0e316c d07654f7348534d423dc1b1c69a8ac314c6f46a77a2872f76302f294948e295f Loading...

	lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true	39 kB	2023-03-07	2024-03-12
Pretty URL lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true IP 178.249.97.98 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:02:45 Last Seen2024-03-12 06:48:19 Times Seen234 Hash a3a38a5d6888ddc1831a811e9d428c77 2ca5b076aea8b4c6ff7ad1873de4ade91d66511f d4676cbbadec76c9f89f5b771a7f4927d544b4d76801e40e9957493e038e0db4 Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	0 B	2023-03-07	2024-04-26
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 07:08:25 Times Seen37086020 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.mymetamask-support.xyz/unlocked.php	209 B	2023-03-13	2023-05-22
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 03:12:09 Last Seen2023-05-22 03:16:56 Times Seen3 Hash c1dca1e5e906cb67279c7c04b2daba3b 11dbc0483d5c109b126d12bd1364c9b787019139 e23b4fe116346dbd034ca7d8325a385db8aac47340ee3b3a6cdcd134911da34f Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	5.8 kB	2023-05-22	2023-05-22
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.17.210.243 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 03:16:56 Last Seen2023-05-22 03:16:56 Times Seen1 Hash 31469423dd7f2e6634699cbee2aa8d5a 78316146e4634e2662badb225ff24028d947e145 b4bdf5bf595038dd17305a75dc11da2983cb459d8ca03c9b65dad446a6f2116e Loading...

	www.mymetamask-support.xyz/meta/plx.chock.js	3.4 kB	2023-03-07	2024-04-02
Pretty URL www.mymetamask-support.xyz/meta/plx.chock.js IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-02 06:38:24 Times Seen660 Hash 5acfeead7d13511cdef767305b87e3f8 ec5337e62f1e64d3aaba3bf41a41b5f876964922 b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246 Loading...

	www.mymetamask-support.xyz/unlocked.php	164 B	2023-03-07	2024-04-06
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:09:39 Times Seen296 Hash 9fb685752617cf9403453cc16f9b0469 84d82954770f482fbea43960d5a5dc36e3572d1a d57443d0c7faf37db40a6058be8401314277c4b2662d8ed301ee6c0bd99a8c4d Loading...

	www.mymetamask-support.xyz/sandbox%20eval%20code	147 B	2023-04-11	2024-04-26
Pretty URL www.mymetamask-support.xyz/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:07:53 Last Seen2024-04-26 07:08:22 Times Seen342321 Hash 92b651082ce234f66bb544e678befda3 14c21c55ddce43b6f677caadf51d4ab98c6a3df8 25d57d1d97abeb84531d3d3e5754dd5cb19a2c115edfa7cfc7af8247084faded Loading...

	www.mymetamask-support.xyz/meta/enterprise.js.download	1.0 kB	2023-03-07	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/enterprise.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-12 19:27:20 Times Seen572 Hash d07e7630bc23cbdd7520d0a4f086c922 b50685923a96d55109959fdf21f369d902971b2a 15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2 Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb54576x44803	113 B	2023-05-22	2023-05-22
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb54576x44803 IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 03:16:56 Last Seen2023-05-22 03:16:56 Times Seen1 Hash 7021d27676ff598f7e342a588c2d667f 949d00de62002dc1e5ae8e1fae2169fb9a2bd292 8a1006c38dd7f9f77361863430f7bc96aebcf8548fc6045a7240a0384a9a33cd Loading...

	accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb662x49465	6.5 kB	2023-05-22	2023-05-22
Pretty URL accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb662x49465 IP 178.249.97.99 ASN #11054 LIVEPERSON Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-22 03:16:56 Last Seen2023-05-22 03:16:56 Times Seen1 Hash a7d79dd22dda5dfb8c6fe9a38a4b312e 9f3133630292ba2ab1594529a78dc213c66b1de9 cdabe626b2dbb35bb337fc70060af5f57df55aa19d463e108e44ba59ff376ff3 Loading...

	www.mymetamask-support.xyz/unlocked.php	1.8 kB	2023-03-07	2024-04-02
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 17:55:49 Last Seen2024-04-02 06:38:23 Times Seen241 Hash 8b1fb904d189e68aaf32a2223915fdfd d1a510fab3db50f7482275581d2171914e1d6631 c1863d7b43731c0cb9a160099c3fa80215e0b0966f27061f78eb6af1da84f026 Loading...

	www.mymetamask-support.xyz/meta/tag.js.download	22 kB	2023-03-07	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/tag.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen539 Hash e2ee8a9cd68c3d310a4c62fdb4b5c93a 67eb5f9547f1d9de0a8b143c3b50511c26281399 145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7 Loading...

	js.hsforms.net/forms/v2.js	539 kB	2023-05-18	2023-05-23
Pretty URL js.hsforms.net/forms/v2.js IP 104.16.186.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-18 13:36:27 Last Seen2023-05-23 10:56:47 Times Seen149 Hash 1d656df477d6edca6241500e32135a70 66db6eb2d28f2c35a198d945a2a65de6f517a913 5ec1775c9dd3e265b5199c3661b38cae053affae10152beb5a6a1217bf4668f4 Loading...

	www.mymetamask-support.xyz/meta/anchor.html	33 kB	2023-03-09	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/anchor.html IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen129 Hash 27fe4cb47aa233ddd8165960b6d65929 11cc82d6e20cc46d88bacc3ed4bfb3f24bbf4b3b 692d9a7342c1fcb4c0417afee37d21695396088ca85a5a29f116f63189e0c595 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew	43 kB	2023-05-22	2023-05-22
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 03:16:56 Last Seen2023-05-22 03:16:56 Times Seen1 Hash b4eed5760f8c5a0f33be2eb24ce89625 d3bd2b9318dea53024ab741e4c6600676955787e 67d2c4316c3ac23351c57aa6bcbedc4340d5cae46bc2c81683be511941043fa7 Loading...

	www.mymetamask-support.xyz/unlocked.php	116 B	2023-03-07	2024-04-06
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:19 Last Seen2024-04-06 20:05:07 Times Seen234 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	www.mymetamask-support.xyz/meta/recaptcha__nl.js.download	354 kB	2023-03-07	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/recaptcha__nl.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-04-12 19:27:20 Times Seen583 Hash e735084e8ffed1ad8d89df08d98d4d23 6cdab8dac12030c8bc980ec129affecc626285c3 6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b Loading...

	www.mymetamask-support.xyz/meta/analytics.js.download	50 kB	2023-03-07	2024-04-25
Pretty URL www.mymetamask-support.xyz/meta/analytics.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

	www.mymetamask-support.xyz/unlocked.php	184 B	2023-03-07	2024-04-06
Pretty URL www.mymetamask-support.xyz/unlocked.php IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02:20 Last Seen2024-04-06 20:09:39 Times Seen261 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	www.mymetamask-support.xyz/meta/storage.secure.min.js.download	39 kB	2023-03-07	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/storage.secure.min.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:45 Last Seen2024-04-12 19:27:20 Times Seen657 Hash 3386ec5559f1ba569cf0ab6acab436cc e98e11d37c5172ee128a85f68447efb3cb0e853c 996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73 Loading...

	js.hsforms.net/forms-next/shell-recaptcha	540 B	2023-04-05	2024-04-12
Pretty URL js.hsforms.net/forms-next/shell-recaptcha IP 104.16.186.65 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-05 05:29:16 Last Seen2024-04-12 19:27:19 Times Seen150 Hash 0ef8295b6b00040322f2dcbc2dad3a7b 3c3f471eb10ddba84126b623484930b3c99a8014 8f6e0ed5457a4e0086d8f5754cf5beb474f716ed08184676d4768c88bffb2c63 Loading...

	www.mymetamask-support.xyz/meta/js	92 kB	2023-03-07	2024-03-12
Pretty URL www.mymetamask-support.xyz/meta/js IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:36 Last Seen2024-03-12 06:48:21 Times Seen508 Hash fb2ab9b8632250b0d7aa50c08150cfe1 73b3f266ac08c9fb07e1de1664fed384ccd5bc86 5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b Loading...

	www.mymetamask-support.xyz/meta/jsonp	278 kB	2023-03-07	2024-03-12
Pretty URL www.mymetamask-support.xyz/meta/jsonp IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:29:10 Last Seen2024-03-12 06:48:21 Times Seen411 Hash 7efac8c0fa8e30db7a423500ef59abab be73717f776f24dd31498c27a1b02b784570d5bb 102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo	44 kB	2023-05-22	2023-05-22
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-22 03:16:56 Last Seen2023-05-22 03:16:56 Times Seen1 Hash 305f54d8c6a292d89ac72f4a181a16db 8c54f0153ad9e70071e81d9d4107f83600fcdefc 392c4c5b57a852401f11e44f104dfd77f8de5b219f5d534a96b410ba785fa0a4 Loading...

	www.mymetamask-support.xyz/meta/webfont.js.download	13 kB	2023-03-07	2024-04-26
Pretty URL www.mymetamask-support.xyz/meta/webfont.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:17 Last Seen2024-04-26 06:38:02 Times Seen22425 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	www.mymetamask-support.xyz/meta/webflow.js.download	601 kB	2023-03-07	2024-04-12
Pretty URL www.mymetamask-support.xyz/meta/webflow.js.download IP 169.239.129.37 ASN #61138 Zappie Host LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:36 Last Seen2024-04-12 19:27:20 Times Seen596 Hash 9758f7e3aa0c79ea7a3cadb16d10087b 07f3c4e552e28eba6172f53d6dcf981a55f42031 0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d Loading...

		Size	First Seen	Last Seen
	#1 Eval - fd7c0c15d1b378e5ccedf331aaba47e6	22 kB	2023-05-08	2023-05-22
Pretty Observations First Seen2023-05-08 23:23:26 Last Seen2023-05-22 03:16:56 Times Seen3 Hash fd7c0c15d1b378e5ccedf331aaba47e6 18e1e9b263d5dc43a8cc36410dcbc84811f0e0d8 e7407c5d4e9ec1e3f0c8a96b8766f147d297dbcad138d4b6da4f88285e1537bc Loading...

	#2 Eval - 5364e184d34d0f3a4fcda5e4364a8d60	22 B	2023-05-01	2023-05-22
Pretty Observations First Seen2023-05-01 07:33:24 Last Seen2023-05-22 08:57:21 Times Seen2992 Hash 5364e184d34d0f3a4fcda5e4364a8d60 45fb1061135b962ba25f1bc1381fab5ef8f1c937 4955a7384627542e784314d78db3199cf2eba40213acbf2a2bcb0c08f80036d0 Loading...

	#3 Eval - b4382637425dcbd2b7193f4869bd2ea7	22 B	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1953 Hash b4382637425dcbd2b7193f4869bd2ea7 97cabfec2628032d4d148d0910b4056a3f34adfb 527c9e3edfb79e372ec5ac05510312764bd14023d848d9ac4746daecba21f13c Loading...

	#4 Eval - 453898479b7359e3b1a10a5d343d58ff	21 kB	2023-03-12	2023-05-22
Pretty Observations First Seen2023-03-12 10:56:54 Last Seen2023-05-22 03:16:56 Times Seen2 Hash 453898479b7359e3b1a10a5d343d58ff ceca9339fae8524448b41265dcbbf2958ad45087 00107b272bb83055e127c4af3e826fc394ed690643c88b0d9c8809b59f8ae20d Loading...

	#5 Eval - 3486f9c2a32195c9fc5562d98041874c	16 kB	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1955 Hash 3486f9c2a32195c9fc5562d98041874c 4c4f3719194eece131e126860cc1bac9738d0456 92e4d4a9c97f6b559c3514fc92b5e34d8a95d9e71c4e5bb78ca1dad12ba88b75 Loading...

	#6 Eval - 8239ee6044ad7e817a1f26d19412f6eb	22 B	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:34 Last Seen2024-04-12 19:27:19 Times Seen105 Hash 8239ee6044ad7e817a1f26d19412f6eb 7116e217d05810b609ff09ac21e2c6097f14484c df78f0db59a013604da430bf67714a0445ddb583f42925592cfed1774716374d Loading...

	#7 Eval - eb94905b9da3f67da3f000d1bb6efbde	64 B	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen106 Hash eb94905b9da3f67da3f000d1bb6efbde 1d3286e8759266d0f632990a00153ac614ca6c39 ef56a8332ced72dcd8b9a2756ce1fe129be6db47ca4863412b51e8028a9d1eb2 Loading...

	#8 Eval - 272eb139968a9665de1db4beccf568d2	22 B	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen106 Hash 272eb139968a9665de1db4beccf568d2 e6505fdd0680c557e102b20212d31942c7d24429 26ef4c313a8ffd1b7fc79977328690a19336ac1187fa07d9cfc3a8327f5a08ba Loading...

	#9 Eval - db239010a87e10045c38d68d80d53193	22 B	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1958 Hash db239010a87e10045c38d68d80d53193 1b4a5ec9e7be6d7ecf80e8da870c873e95a841d6 8e841e21866babc6374341c8912a81266537f7ad8747bbf62dfbf5b782427bc4 Loading...

	#10 Eval - 15760900e488ec647450f20eeaa49944	15 kB	2023-03-09	2024-04-12
Pretty Observations First Seen2023-03-09 10:05:33 Last Seen2024-04-12 19:27:19 Times Seen106 Hash 15760900e488ec647450f20eeaa49944 208ad236b244f8adbd138cda9ad9f7f1d4e7758e 90d9c75dc0b4578e5468206d805353952b0a650c707ac7f9632b29f3694c1dff Loading...

	#11 Eval - 30c6392a415fefbecc2ccc51f1cea5db	16 kB	2023-05-01	2023-05-22
Pretty Observations First Seen2023-05-01 07:33:24 Last Seen2023-05-22 08:57:21 Times Seen3005 Hash 30c6392a415fefbecc2ccc51f1cea5db 2a3d9e31aceee14cedbd05d01bb0b6d57f7a0225 f40480b105fec606010baf2ea92b5a82054d89a0377e0496e9d3970b8ce579ad Loading...

	#12 Eval - 2b881d32a6a0b48d185e389bd0b91931	62 B	2023-05-01	2023-05-22
Pretty Observations First Seen2023-05-01 07:33:24 Last Seen2023-05-22 08:57:21 Times Seen3001 Hash 2b881d32a6a0b48d185e389bd0b91931 98965741924507c43b8988bece1d64d1034a59e7 06590eea32ab353d93f380bece6fd608e0c1c654ae2940324f1b37220fb9d92a Loading...

	#13 Eval - 6b8c32c007c049460ee6d105d0beb960	22 B	2023-05-01	2023-05-22
Pretty Observations First Seen2023-05-01 07:33:24 Last Seen2023-05-22 08:57:21 Times Seen3006 Hash 6b8c32c007c049460ee6d105d0beb960 83658b4231689597ca5f826ebc649b7a7f4110ec 130c7f22f74183c266bbc9f070a1d0132666fc31834684f792af7968b17784d8 Loading...

	#14 Eval - 23b753d05784da1c4125203733d15e07	16 kB	2023-05-22	2023-05-29
Pretty Observations First Seen2023-05-22 03:16:56 Last Seen2023-05-29 14:01:40 Times Seen2 Hash 23b753d05784da1c4125203733d15e07 bebab63921ab5f5d0ac747bab27f9074534a1c15 e58899455ba3c63a0e2e98e5f6bdb33551c98ce1d7f3d3f47606cca4318cabc0 Loading...

	#15 Eval - 3e17aa65db170d8d135c100ada8fb5e6	64 B	2023-05-10	2023-06-06
Pretty Observations First Seen2023-05-10 11:43:39 Last Seen2023-06-06 08:49:14 Times Seen1959 Hash 3e17aa65db170d8d135c100ada8fb5e6 2cccef52fe8dbfcffd7cebb2ae7ebc4c70c91b15 abe6e0a658bdad68d3e9185ac581468444ce5f020f508313ac8b38772e102eae Loading...

HTTP Transactions (91)

URL IP Response Size

www.mymetamask-support.xyz/meta/CrYpTo.php

169.239.129.37

302 Found

0 B

URL User Request GET HTTP/1.1
www.mymetamask-support.xyz/meta/CrYpTo.php
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/CrYpTo.php HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 22 May 2023 01:16:26 GMT
Server: Apache/2.4.29 (Ubuntu)
Set-Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
location: ../CrYpTo.php
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.mymetamask-support.xyz/CrYpTo.php

169.239.129.37

302 Found

0 B

URL User Request GET HTTP/1.1
www.mymetamask-support.xyz/CrYpTo.php
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /CrYpTo.php HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Mon, 22 May 2023 01:16:27 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Location: unlocked.php
Content-Length: 0
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.mymetamask-support.xyz/

169.239.129.37

335 B

URL
www.mymetamask-support.xyz/
IP
169.239.129.37:0
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
335 B (335 bytes)
Hash
bed42ab0358fe4fafd686f0c7c40f27f
efc83340a3a6d78ea330185ed6ac124621b28fe2
4e3999d9fdfdd860daaecf34cc678a8a28cbb9a7c657b5006db28890bc46d567

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Mon, 22 May 2023 01:16:29 GMT
Server: Apache/2.4.29 (Ubuntu)
Location: https://www.mymetamask-support.xyz/
Content-Length: 335
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

www.mymetamask-support.xyz/unlocked.php

169.239.129.37

200 OK

5.5 kB

URL User Request GET HTTP/1.1
www.mymetamask-support.xyz/unlocked.php
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Size
5.5 kB (5526 bytes)
Hash
34cf5b48493ac8c38ba035059f77a4bd
9f4c5517b513fe426cbfd7ffa32ddc13f1aa1ede
77735722997dbb265242d5bdbb1782aab8afc8ee2ea48c5612e9b822918f31bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /unlocked.php HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:29 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5526
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

www.mymetamask-support.xyz/

169.239.129.37

5.4 kB

URL
www.mymetamask-support.xyz/
IP
169.239.129.37:0
ASN
#61138 Zappie Host LLC

Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1843)
Size
5.4 kB (5446 bytes)
Hash
9c5fe9cbc89c01c73051949163eb9b2c
12d9d2f7b55893c17ae79ffb3af69e658cc1d7d8
a6a290f402a5d79b5caa58cadf4de75a3a9963af9ba9e165b8237b286353a6e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5446
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3b91f01d5207d1641bcdd0ee53561353
4ef7d6092b868eb8b500e8729efb4301e1d1f4be
b36bd6756866f8c7ebebee886314ac7ee381615d365b7509c008df8f57ecf655

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:16:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mymetamask-support.xyz/meta/normalize.css

169.239.129.37

200 OK

2.7 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/normalize.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
2.7 kB (2659 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/normalize.css HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:05 GMT
ETag: "1e5c-5fc219d37cacf-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2659
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

812 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
gzip compressed data, max compression\012- data
Size
812 B (812 bytes)
Hash
7b05a56ac825b7c8cb362738c39bd47c
4fa08f0f1a6f023392d43998ac0c0b78f679b9f0
576ebdd010fb32250fbcc6461b97c7e0287cbc73d2c6b15d827f649f207c23a8

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 01:16:30 GMT
date: Mon, 22 May 2023 01:16:30 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.mymetamask-support.xyz/meta/webflow.css

169.239.129.37

200 OK

9.3 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/webflow.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.3 kB (9294 bytes)
Hash
13fc860cb6eddbf469d986e1a6b6480b
6bb85ecdc704734f59d4984d202f75b02048a58d
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/webflow.css HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:24 GMT
ETag: "98c5-5fc219e55ad49-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9294
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.mymetamask-support.xyz/meta/css

169.239.129.37

200 OK

684 B

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
684 B (684 bytes)
Hash
147429fb2ddc3861e2ae0f473f17d78e
f2bdce63e15b9f3b90c8c3b153deb75b28eb69e3
25d501d70fcb9835f935fd47e045502700dc5f862cd7e763a49bbc7316396f2a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/css HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:42 GMT
ETag: "2ac-5fc219bdca10d"
Accept-Ranges: bytes
Content-Length: 684
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive

www.mymetamask-support.xyz/meta/plx.chock.js

169.239.129.37

200 OK

311 B

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/plx.chock.js
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
311 B (311 bytes)
Hash
5acfeead7d13511cdef767305b87e3f8
ec5337e62f1e64d3aaba3bf41a41b5f876964922
b9417c5359a2259bb564852a1ebd2b743b79ac06efdee42dc53456f8445ad246

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/plx.chock.js HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:07 GMT
ETag: "d41-5fc219d5e4e0c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 311
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/webfont.js.download

169.239.129.37

200 OK

5.4 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/webfont.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (2134)
Size
5.4 kB (5415 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/webfont.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:25 GMT
ETag: "3384-5fc219e6d3c73-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5415
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/tag.js.download

169.239.129.37

200 OK

7.5 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/tag.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (21652), with no line terminators
Size
7.5 kB (7541 bytes)
Hash
e2ee8a9cd68c3d310a4c62fdb4b5c93a
67eb5f9547f1d9de0a8b143c3b50511c26281399
145d14bb73e5b03cc73062c2a78c392125b891c62b1cc9d542e5adba762f04e7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/tag.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:20 GMT
ETag: "5494-5fc219e210119-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7541
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/metamask-staging-2.webflow.css

169.239.129.37

200 OK

18 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text
Size
18 kB (17647 bytes)
Hash
ba952defcfea60e6655d055e0e3d7588
1be55967c320384267f3b43366c2842bb45b7946
eb28270feafcfa2eb9c5dcd16142555152d9619bfc1682a6da38cd78f646e6fd

HTTP Headers

GET /meta/metamask-staging-2.webflow.css HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:00 GMT
ETag: "22b37-5fc219ceb1275-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17647
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

www.mymetamask-support.xyz/meta/analytics.js.download

169.239.129.37

200 OK

20 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/analytics.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (1325)
Size
20 kB (20042 bytes)
Hash
d40531c5e99a6f84e42535859476fe35
a901817d77b2fe5259c298c91bc65c54d7f8a1a9
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/analytics.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:37 GMT
ETag: "c41d-5fc219b89ed79-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20042
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/enterprise.js.download

169.239.129.37

200 OK

614 B

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/enterprise.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
614 B (614 bytes)
Hash
d07e7630bc23cbdd7520d0a4f086c922
b50685923a96d55109959fdf21f369d902971b2a
15c0f679abecff8fba48dbe673343f3e0f2a07c439d3f631722fccd2af2e1df2

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/enterprise.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:44 GMT
ETag: "3f0-5fc219bf33638-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 614
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 06:19:20 GMT
expires: Fri, 17 May 2024 06:19:20 GMT
cache-control: public, max-age=31536000
age: 327431
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download

169.239.129.37

200 OK

31 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/jquery-3.5.1.min.dc5e7f18c8.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (30910 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/jquery-3.5.1.min.dc5e7f18c8.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:52 GMT
ETag: "15d84-5fc219c7a577d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 07:46:25 GMT
expires: Fri, 17 May 2024 07:46:25 GMT
cache-control: public, max-age=31536000
age: 322206
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d34f0af5cb22586cc436ab96da5df7cc
91c7686c859dd34556de215681e7124a8af7cb70
3e6027d2501218ce83cd136b33af94417d03c38330873e6d80570f00c6c0c8e8

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:16:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mymetamask-support.xyz/meta/js

169.239.129.37

200 OK

92 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/js
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (1815)
Size
92 kB (92325 bytes)
Hash
fb2ab9b8632250b0d7aa50c08150cfe1
73b3f266ac08c9fb07e1de1664fed384ccd5bc86
5d419e0ff614b331e4f8fed2ba7c1380b1f5983f98d820a6a0f7040b55f60b5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/js HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:54 GMT
ETag: "168a5-5fc219c964ba3"
Accept-Ranges: bytes
Content-Length: 92325
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive

www.mymetamask-support.xyz/meta/recaptcha__nl.js.download

169.239.129.37

200 OK

138 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/recaptcha__nl.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (820)
Size
138 kB (137504 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:30 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "56577-5fc219d76a855-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/storage.secure.min.js.download

169.239.129.37

200 OK

13 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/storage.secure.min.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (38562), with no line terminators
Size
13 kB (13194 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/storage.secure.min.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:17 GMT
ETag: "96a2-5fc219df2cd23-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 13194
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

169.239.129.37

200 OK

7.9 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7924, version 1.0\012- data
Size
7.9 kB (7924 bytes)
Hash
8c62104f4329ec3e675fbbf952e5760e
d3acaba572770ca428956ec6be406995e6ee9c0c
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/css
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:27 GMT
ETag: "1ef4-5fc219e84101e"
Accept-Ranges: bytes
Content-Length: 7924
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive

www.mymetamask-support.xyz/meta/v2.js.download

169.239.129.37

200 OK

149 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/v2.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
149 kB (148638 bytes)
Hash
d3b2366c9977c975fc6abdc6a119c361
ed6031ba0b0efe5b77acd0382f8d647f2cc88018
7f82030e7f8b2956fcb539a7cf3f1d80907d28d02c2696ac0560daf3cfafaa25

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/v2.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:22 GMT
ETag: "8d511-5fc219e369c45-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.mymetamask-support.xyz/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

169.239.129.37

200 OK

8.4 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8364, version 1.0\012- data
Size
8.4 kB (8364 bytes)
Hash
7d2d5a1272e235228039f306a0a45275
5f33ba8abd5506e1c58c3e6771872eaa712ba19f
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/css
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:28 GMT
ETag: "20ac-5fc219e9d25e7"
Accept-Ranges: bytes
Content-Length: 8364
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive

www.mymetamask-support.xyz/meta/mm-logo.svg

169.239.129.37

200 OK

12 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/mm-logo.svg
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
12 kB (12019 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/mm-logo.svg HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:01 GMT
ETag: "2ef3-5fc219d00ada1"
Accept-Ranges: bytes
Content-Length: 12019
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/svg+xml

www.mymetamask-support.xyz/meta/wpp.gif

169.239.129.37

200 OK

3.9 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/wpp.gif
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
GIF image data, version 87a, 470 x 40\012- data
Size
3.9 kB (3877 bytes)
Hash
941648b845842a709da73e24652cf8a4
099e5f97e602d026c51537c9b45328dc99261d7c
2a7344e607a878f0acac7f5c9c3a65fc8a4423f00e21d3fb7a814cae051631d9

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/wpp.gif HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:26 GMT
ETag: "f25-5fc219e7e5364"
Accept-Ranges: bytes
Content-Length: 3877
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif

www.mymetamask-support.xyz/meta/jsonp

169.239.129.37

200 OK

278 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/jsonp
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
278 kB (278382 bytes)
Hash
7efac8c0fa8e30db7a423500ef59abab
be73717f776f24dd31498c27a1b02b784570d5bb
102411780270584690575675e14e574ef8a16cf6fdd5700d5682e68a8d2cc00d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/jsonp HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:55 GMT
ETag: "43f6e-5fc219ca34bb7"
Accept-Ranges: bytes
Content-Length: 278382
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

www.mymetamask-support.xyz/meta/webflow.js.download

169.239.129.37

200 OK

147 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/webflow.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (50020)
Size
147 kB (147184 bytes)
Hash
9758f7e3aa0c79ea7a3cadb16d10087b
07f3c4e552e28eba6172f53d6dcf981a55f42031
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/webflow.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:25 GMT
ETag: "92c10-5fc219e669559-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.sectigo.com/

172.64.155.188

471 B

URL
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4ef9577951cb36ef9f1d43e85d707060
7dbcbd06ebfc029c03c40bbd3115701a08e230f8
ac959f4bccbb538eb2dc49b0e88d9fe36c8abd0f66292130414020c48e951f30

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:32:24 GMT
Expires: Fri, 26 May 2023 14:32:23 GMT
Etag: "7dbcbd06ebfc029c03c40bbd3115701a08e230f8"
Cache-Control: max-age=393004,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb136de1f30b50f-OSL

www.mymetamask-support.xyz/meta/EuclidCircularB-Regular-WebXL.woff2

169.239.129.37

200 OK

45 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/EuclidCircularB-Regular-WebXL.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:45 GMT
ETag: "b08c-5fc219c0b80e2"
Accept-Ranges: bytes
Content-Length: 45196
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive

www.mymetamask-support.xyz/meta/EuclidCircularB-Bold-WebXL.woff2

169.239.129.37

200 OK

44 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/EuclidCircularB-Bold-WebXL.woff2
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:45 GMT
ETag: "ae00-5fc219c06ae87"
Accept-Ranges: bytes
Content-Length: 44544
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive

ocsp.sectigo.com/

104.18.32.68

471 B

URL
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
4ef9577951cb36ef9f1d43e85d707060
7dbcbd06ebfc029c03c40bbd3115701a08e230f8
ac959f4bccbb538eb2dc49b0e88d9fe36c8abd0f66292130414020c48e951f30

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 19 May 2023 14:32:24 GMT
Expires: Fri, 26 May 2023 14:32:23 GMT
Etag: "7dbcbd06ebfc029c03c40bbd3115701a08e230f8"
Cache-Control: max-age=392802,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7cb136de2f24b503-OSL

www.mymetamask-support.xyz/meta/saved_resource.html

169.239.129.37

200 OK

10 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/saved_resource.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32691)
Size
10 kB (9982 bytes)
Hash
eecf7841e3ae4ea5612cd1563e779096
673a8b55ad4e89c262f44a419a2a43413d4ccf44
637cc614427ad02090df0fdc92138dcd9e009032c5f1765b3cff0ab396039ec0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/saved_resource.html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:13 GMT
ETag: "d79f-5fc219db7897a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9982
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html

www.mymetamask-support.xyz/meta/anchor.html

169.239.129.37

200 OK

21 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/anchor.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
21 kB (21338 bytes)
Hash
2db6bc307d82bd82eada077d9db82207
6d8c84d26209a2f2f37c46802e952ab48eb27ece
90d0d3bb84ed3278a30b08ec19bdbb360976b38562328a69b5b89cfe443e88f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/anchor.html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:39 GMT
ETag: "a489-5fc219ba68d7f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21338
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/html

www.mymetamask-support.xyz/meta/saved_resource(1).html

169.239.129.37

200 OK

148 B

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/saved_resource(1).html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
148 B (148 bytes)
Hash
09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/saved_resource(1).html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "98-5fc219d7928f3-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 148
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/html

www.mymetamask-support.xyz/meta/hero2.4.png

169.239.129.37

200 OK

590 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/hero2.4.png
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /meta/hero2.4.png HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/metamask-staging-2.webflow.css
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:51 GMT
ETag: "8ff00-5fc219c66046f"
Accept-Ranges: bytes
Content-Length: 589568
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4b606a89062b860c8b452c4c3877397c
39ba4e3efb89e39deffa0c93cb01b63cb1975e67
85c1f8e7679b507431d39f010a515ddcc840dbcbedfe06edf1ea94a8e7dd2a15

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mymetamask-support.xyz/meta/bframe.html

169.239.129.37

200 OK

4.0 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/bframe.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.0 kB (3951 bytes)
Hash
2f66271235a3d7572b574296079aa0dd
2d92d80f5ce45463567b1b00b7d631f12a4303d3
365828621c1851dc2094a02f3deca7d565094dede18d1dbfbb6b76c0ed25ca1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/bframe.html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/unlocked.php
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:40 GMT
ETag: "2c58-5fc219bbe1ca9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3951
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

2.9 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
gzip compressed data, max compression\012- data
Size
2.9 kB (2924 bytes)
Hash
f242aeeaed20ff26501713a698c3a192
1d1480cdd5585727dda20ef48019845138641db8
99e170d9237018faa3003549ba1d682037a7bb376ccb1a7c861edff05ea97972

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 22 May 2023 01:16:31 GMT
date: Mon, 22 May 2023 01:16:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb662x49465

178.249.97.99

200 OK

30 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/setting/accountproperties/?cb=lpCb662x49465
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (43251)
Size
30 kB (30029 bytes)
Hash
4803c6d87844c5ec38f9729424b8800e
e1b20892748b2061813d04b23285180b7b14d5cb
c3ffc17ba4eeab949bf11c7198ef4c86f3b5ed3b223f0c8696da4e050e73094f

HTTP Headers

GET /api/account/88982875/configuration/setting/accountproperties/?cb=lpCb662x49465 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:32 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:7d26012c-2e53-4db2-a3ef-3f8f99887b9c; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
ADRUM_BTa=R:35|g:7d26012c-2e53-4db2-a3ef-3f8f99887b9c|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241648; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
ADRUM_BT1=R:35|i:2241648|e:5; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
vary: Accept
expires: Mon, 22 May 2023 01:17:32 GMT
x-envoy-upstream-service-time: 1
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

142.250.74.132

200 OK

616 B

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
616 B (616 bytes)
Hash
ac459b16a2293671fc32543b590b5fd1
8dddce81e27fd60e82befe9c263f2e4d71f53eaf
9c94074f205af8c20e34c994f21fc657bb0f9fdbbabdb1aa9fd1e7abd35cac1b

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Mon, 22 May 2023 01:16:32 GMT
date: Mon, 22 May 2023 01:16:32 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.17.210.243

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.17.210.243:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 22 May 2023 01:16:32 GMT
content-type: image/gif
content-length: 35
x-trace: 2BF2BB2EC7AE0808CC24AA003A8DA89CD5292E4C34000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
x-hubspot-correlation-id: d4b14391-8fcf-4543-b5e7-a35b94a48e41
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 3
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-j4dtm
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 55e17628-e88f-4ce9-974b-0ed054b4827e
last-modified: Mon, 22 May 2023 01:16:32 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb136df7ad50b55-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
68e98363f930b3ef10efe3f848d4b441
de398874bc8e97a4f3da7023ca4c32c91b4dd847
442199edd1d2acf6f9dcc726a70c7fdd168eb1444f2fbb999408a6cb32b59028

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 22 May 2023 01:16:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.mymetamask-support.xyz/meta/styles__ltr.css

169.239.129.37

200 OK

24 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/styles__ltr.css
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (52368), with no line terminators
Size
24 kB (24369 bytes)
Hash
97c3d49b83dc004fcda822b1853b787b
a82fcfbd6b1cf4dd00f4a63d47b9119a69b40147
509bf9e83d3ca5add614196c02c8e0ce59731d3d1a10552c944b74d86019d866

HTTP Headers

GET /meta/styles__ltr.css HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/anchor.html
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:19 GMT
ETag: "cc90-5fc219e0e638a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 24369
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1620 bytes)
Hash
e36ef824369a52f32d36526426b521a1
2aa85c4f5ffea54cf853bc9210d79c53d24ff088
1dee5a71230d0118e32b59df6930c964cddbe0d4f5e25fb52e159b75cffd1e97

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 01:16:32 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1620
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 19:09:56 GMT
expires: Sun, 19 May 2024 19:09:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 108396
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamask.io/images/webclip.png

185.199.111.153

404 Not Found

16 kB

URL GET HTTP/2
metamask.io/images/webclip.png
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint53:D2:7D:9D:BF:A5:0C:9E:20:D0:E9:4D:28:49:84:5D:9B:D6:E7:31
ValidityMon, 17 Apr 2023 06:28:57 GMT - Sun, 16 Jul 2023 06:28:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34275)
Size
16 kB (16206 bytes)
Hash
55130e1a885fcaa4ab837f1f26c69565
15e59e5938014732304a1e85b3f9147c93aa6b3c
b91146b49cb961fa3e8447464dd1172503681171a0444b9175513fdff215fd85

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64666b6e-11ac8"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 59AC:0F70:1D812F4:1E87E3F:646AB9FD
accept-ranges: bytes
date: Mon, 22 May 2023 01:16:32 GMT
via: 1.1 varnish
age: 2163
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1684718193.922627,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 3188bcafcad80fe40b886c0f29705a6dc6b5618c
content-length: 16206
X-Firefox-Spdy: h2

metamask.io/images/favicon.png

185.199.111.153

404 Not Found

16 kB

URL GET HTTP/2
metamask.io/images/favicon.png
IP
185.199.111.153:443
ASN
#54113 FASTLY

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint53:D2:7D:9D:BF:A5:0C:9E:20:D0:E9:4D:28:49:84:5D:9B:D6:E7:31
ValidityMon, 17 Apr 2023 06:28:57 GMT - Sun, 16 Jul 2023 06:28:56 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (34275)
Size
16 kB (16206 bytes)
Hash
55130e1a885fcaa4ab837f1f26c69565
15e59e5938014732304a1e85b3f9147c93aa6b3c
b91146b49cb961fa3e8447464dd1172503681171a0444b9175513fdff215fd85

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"64666b6e-11ac8"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9538:E853:3CF472:3EFE47:646AB4B4
accept-ranges: bytes
date: Mon, 22 May 2023 01:16:32 GMT
via: 1.1 varnish
age: 3515
x-served-by: cache-bma1641-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1684718193.932320,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 5fbc47d5a4258a2a0688c5f3c6a16e0a0b318d2f
content-length: 16206
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB

178.249.97.99

200 OK

2.3 kB

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
2.3 kB (2261 bytes)
Hash
2c034930919765b7f9dff22daa34cf24
ae9a19c4cbf36cb582963a879011f00f6194e957
2720c65cbb25b5cbd80951a240915fcbd2bfb1268fb2e71f44396c2a83afa65d

HTTP Headers

GET /api/account/88982875/configuration/le-campaigns/zones?fields=id&fields=zoneValue&cb=lpZonesStaticCB HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:32 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:35|g:f1fddc6c-513e-4613-87bb-df0a66e0f985; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
ADRUM_BTa=R:35|g:f1fddc6c-513e-4613-87bb-df0a66e0f985|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/; Secure
ADRUM_BT1=R:35|i:2241648; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
ADRUM_BT1=R:35|i:2241648|e:7; Max-Age=30; Expires=Mon, 22-May-2023 01:17:02 GMT; Path=/
vary: Accept
expires: Mon, 22 May 2023 01:17:32 GMT
x-envoy-upstream-service-time: 38
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: EXPIRED
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

www.mymetamask-support.xyz/meta/recaptcha__nl.js.download

169.239.129.37

200 OK

138 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/recaptcha__nl.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (820)
Size
138 kB (137504 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/anchor.html
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "56577-5fc219d76a855-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit

142.250.74.132

200 OK

616 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (1008), with no line terminators
Size
616 B (616 bytes)
Hash
ac459b16a2293671fc32543b590b5fd1
8dddce81e27fd60e82befe9c263f2e4d71f53eaf
9c94074f205af8c20e34c994f21fc657bb0f9fdbbabdb1aa9fd1e7abd35cac1b

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Mon, 22 May 2023 01:16:33 GMT
date: Mon, 22 May 2023 01:16:33 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
c90524d6a02b27addb56c350fe6fbb2d
d713d1b53323c0169ffe0649be8c9d04a189f999
4aefd395113d052a874ac1919aed0e288835e0377683f1e71e98838d16c986e0

HTTP Headers

GET /recaptcha/releases/rPvs0Nyx3sANE-ZHUN-0nM85/recaptcha__nl.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 22 May 2023 01:16:33 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.mymetamask-support.xyz/meta/recaptcha__nl.js.download

169.239.129.37

200 OK

138 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/recaptcha__nl.js.download
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
ASCII text, with very long lines (820)
Size
138 kB (137504 bytes)
Hash
e735084e8ffed1ad8d89df08d98d4d23
6cdab8dac12030c8bc980ec129affecc626285c3
6cde5be2d724e53c8c4a97041365d3075e3af63ec08e1712b2f831b6e2bd357b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/recaptcha__nl.js.download HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/bframe.html
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:09 GMT
ETag: "56577-5fc219d76a855-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://js.hsforms.net
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 19:09:56 GMT
expires: Sun, 19 May 2024 19:09:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 108397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 435598
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.mymetamask-support.xyz
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:26:31 GMT
expires: Sun, 19 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 150602
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 20:49:22 GMT
expires: Wed, 24 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 361631
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

js.hsforms.net/forms/v2.js

104.16.186.65

200 OK

168 kB

URL GET HTTP/2
js.hsforms.net/forms/v2.js
IP
104.16.186.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mymetamask-support.xyz/meta/saved_resource.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
168 kB (167930 bytes)
Hash
1d656df477d6edca6241500e32135a70
66db6eb2d28f2c35a198d945a2a65de6f517a913
5ec1775c9dd3e265b5199c3661b38cae053affae10152beb5a6a1217bf4668f4

HTTP Headers

GET /forms/v2.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:32 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Thu, 18 May 2023 09:43:44 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: XwZbVWs955S5IaGa40PkWhHIr22a1Zm2
etag: W/"1d656df477d6edca6241500e32135a70"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a4f9ca051b97c1ac09e2af244690d376.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: TxTje65FZRZOtBTxW-yxRAe5hPhSeYIyDSf0Wk-6BE5fH_8rHVig9A==
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://send.hsbrowserreports.com/csp/report?resource=forms-embed/static-1.3211/bundles/project-v2.js&cfRay=7c93379f8e57be42-IAD
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: forms-embed/static-1.3211/bundles/project-v2.js
access-control-allow-origin: *
x-hs-cache-status: HIT
x-envoy-upstream-service-time: 4
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-589c5fd4fb-vnl6w
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 0cb1b874-4ec7-430d-b035-584f2b2560b9
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 339
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=63acDzC0qATqpnLcOIMWBszj2EOUqWcFk1Zzin6SF4OBU3Hfe3HN0OC85kcrgICmXMLhrnBzLb3y9SUAYaMqVgUuDWg7%2BYpuWJfl9CEB59KluopKcHiYTr%2FIJVTdeCq%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb136dfcb430b45-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:40:18 GMT
expires: Sat, 27 May 2023 07:40:18 GMT
cache-control: public, max-age=604800
age: 149775
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.mymetamask-support.xyz/meta/saved_resource(2).html

169.239.129.37

200 OK

148 B

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/saved_resource(2).html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/meta/anchor.html
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
148 B (148 bytes)
Hash
09b33fa7a1116338c9b2326b08c03bfe
6d8ee025ab2df83f5765362a1ec59e14541d52d1
324967ab0642b90c52e9aa8b3650961f15deca3a70bc87e55912148740bceef3

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /meta/saved_resource(2).html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/meta/anchor.html
Cookie: PHPSESSID=cq88l05devlfmg4oi2sl8cm538; _ga=GA1.2.1653809851.1684718192; _gid=GA1.2.700395099.1684718192; _gat_gtag_UA_37075177_6=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:33 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:23:11 GMT
ETag: "98-5fc219d94231a-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 148
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: text/html

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo

142.250.74.132

200 OK

28 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43562)
Size
28 kB (28384 bytes)
Hash
a037d6db37eee9492aa1193a3e652595
a1a45bf42930d70b138bcd3be554af23d8a0456a
837943481dcfa841f2b9d9ab9f5cb01ae411d971a124a1a3bbcfa41ba49a953f

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 May 2023 01:16:33 GMT
content-security-policy: script-src 'nonce-ZWydrrOw6ASnSiv6SKXnQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28384
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 May 2023 02:28:44 GMT
expires: Mon, 20 May 2024 02:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/css
vary: Accept-Encoding
age: 82069
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 19:09:56 GMT
expires: Sun, 19 May 2024 19:09:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 108397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 435598
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:26:31 GMT
expires: Sun, 19 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 150602
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ

142.250.74.132

200 OK

112 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with no line terminators
Size
112 B (112 bytes)
Hash
be5069a814de1331fe3e4cfa1a492239
7e6248c3e94c3dbf09db54f82ebc55954df99f73
3eefcd5ba2f128fa9468549daefb569acd63b7cb080f2105496fee6298c258e0

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Mon, 22 May 2023 01:16:33 GMT
date: Mon, 22 May 2023 01:16:33 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 112
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.35

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 15 May 2023 21:48:58 GMT
expires: Mon, 22 May 2023 21:48:58 GMT
cache-control: public, max-age=604800
age: 530855
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 19:09:56 GMT
expires: Sun, 19 May 2024 19:09:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 108397
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

1.2 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.2 kB (1156 bytes)
Hash
40bd627242a10bc45991ce37ff5c3100
2ef657290c511c7e4cb7f6af033d7d00511de15c
7b823e9f85bd70984fdc79c83593658c3f55618d4bab206f09e1bc2fcdfd3789

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://js.hsforms.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 May 2023 01:16:34 GMT
content-security-policy: script-src 'nonce-vmzYQhmC1qt9cWmjKBTmUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1156
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css

142.250.74.35

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (56403), with no line terminators
Size
25 kB (24605 bytes)
Hash
83f90c5a4c20afb44429fa346fbadc10
7c278ec721d3880fbafaadeba9ee80bdf294b014
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24605
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 21 May 2023 02:28:44 GMT
expires: Mon, 20 May 2024 02:28:44 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/css
vary: Accept-Encoding
age: 82070
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js

142.250.74.35

200 OK

167 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://js.hsforms.net/forms-next/shell-recaptcha
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text, with very long lines (554)
Size
167 kB (166637 bytes)
Hash
213e1a6e418f3df36f2ec077314ef525
7a553e545a48271f3afec47b3ed5f3518cfdd7b4
ad5008998005064af73229fb144d5f8e789641f8a846e2064ec18788a37e9e2d

HTTP Headers

GET /recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 166637
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 19:09:56 GMT
expires: Sun, 19 May 2024 19:09:56 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 15 May 2023 04:00:52 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 108398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

25 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
ASCII text, with very long lines (41340)
Size
25 kB (24976 bytes)
Hash
10ff86dcdd6cf600a44a0a51115d8a01
1092a4ce9f6de68c618686ae5723cefa8fbafa84
5f3bd43d44e56662be2715140b89a256e5acb79dffeae9e101f8091991254918

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 7070
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Mon, 22 May 2023 01:16:34 GMT
expires: Mon, 22 May 2023 01:16:34 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 24976
server: GSE
set-cookie: _GRECAPTCHA=09AAldklOO6zybvSD7BaHmHA8BAfNl-hla1jtVMdNydLYY7P4hori_WVCV8OnU3K21DeYVFQ_OXeGgv2KHx2Exky0;Path=/recaptcha;Expires=Sat, 18-Nov-2023 01:16:34 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:35 GMT
expires: Thu, 16 May 2024 00:16:35 GMT
cache-control: public, max-age=31536000
age: 435599
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9qcy5oc2Zvcm1zLm5ldDo0NDM.&hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&size=invisible&badge=inline&cb=du79376ysqo
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:26:31 GMT
expires: Sun, 19 May 2024 07:26:31 GMT
cache-control: public, max-age=31536000
age: 150603
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 00:16:43 GMT
expires: Thu, 16 May 2024 00:16:43 GMT
cache-control: public, max-age=31536000
age: 435591
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.35

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 17 May 2023 20:49:22 GMT
expires: Wed, 24 May 2023 20:49:22 GMT
cache-control: public, max-age=604800
age: 361632
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.35

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 20 May 2023 07:40:18 GMT
expires: Sat, 27 May 2023 07:40:18 GMT
cache-control: public, max-age=604800
age: 149776
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.35

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/meta/bframe.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE2:33:59:47:38:D7:4A:7A:9E:28:5D:EC:AA:94:7F:92:25:D2:B1:C4
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/FFtxPnbuZxq6kkeHkQJR2MNQ/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 18 May 2023 00:56:35 GMT
expires: Thu, 25 May 2023 00:56:35 GMT
cache-control: public, max-age=604800
age: 346799
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AL8dmw_a39LppyVf9yY-8T2JUJPjqrhWR0k0-kxo8XJ5wh9zzG-ov1loKq_B0vYuJ6pZlrYgjpnbI2bBaAr9MdvxS2dwyDQ3_RyV12A0WmKRk6MLCFfBVoMh0aq2QhBrWija-dK93iFQKX87MfpLvHjdKpC5wwZvP1X--U4EBRcPUGBQCvYJZMjXqseufI1V0HjhdcfBA6yo&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

142.250.74.132

200 OK

32 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AL8dmw_a39LppyVf9yY-8T2JUJPjqrhWR0k0-kxo8XJ5wh9zzG-ov1loKq_B0vYuJ6pZlrYgjpnbI2bBaAr9MdvxS2dwyDQ3_RyV12A0WmKRk6MLCFfBVoMh0aq2QhBrWija-dK93iFQKX87MfpLvHjdKpC5wwZvP1X--U4EBRcPUGBQCvYJZMjXqseufI1V0HjhdcfBA6yo&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint08:73:2C:18:30:14:52:C3:CA:3E:02:79:65:B4:FE:90:AC:3F:3E:33
ValidityMon, 24 Apr 2023 11:56:06 GMT - Mon, 17 Jul 2023 11:56:05 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
32 kB (31955 bytes)
Hash
4651c37bee4887be8fb85ff27f3fa840
e62d6f16df9d5693f79b6855bdc85d41c75bb033
148af5c36daf13f7a4415fe58e9fc85ab0665f825238651e99a40e3603f652e4

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AL8dmw_a39LppyVf9yY-8T2JUJPjqrhWR0k0-kxo8XJ5wh9zzG-ov1loKq_B0vYuJ6pZlrYgjpnbI2bBaAr9MdvxS2dwyDQ3_RyV12A0WmKRk6MLCFfBVoMh0aq2QhBrWija-dK93iFQKX87MfpLvHjdKpC5wwZvP1X--U4EBRcPUGBQCvYJZMjXqseufI1V0HjhdcfBA6yo&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=FFtxPnbuZxq6kkeHkQJR2MNQ&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AAldklOO6zybvSD7BaHmHA8BAfNl-hla1jtVMdNydLYY7P4hori_WVCV8OnU3K21DeYVFQ_OXeGgv2KHx2Exky0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
expires: Mon, 22 May 2023 01:16:34 GMT
date: Mon, 22 May 2023 01:16:34 GMT
cache-control: private, max-age=30
content-type: image/jpeg
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 31955
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.mymetamask-support.xyz/meta/bframe.html

169.239.129.37

200 OK

4.0 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/bframe.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3186)
Size
4.0 kB (3951 bytes)
Hash
2f66271235a3d7572b574296079aa0dd
2d92d80f5ce45463567b1b00b7d631f12a4303d3
365828621c1851dc2094a02f3deca7d565094dede18d1dbfbb6b76c0ed25ca1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/bframe.html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:43 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:40 GMT
ETag: "2c58-5fc219bbe1ca9-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3951
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

www.mymetamask-support.xyz/meta/anchor.html

169.239.129.37

200 OK

21 kB

URL GET HTTP/1.1
www.mymetamask-support.xyz/meta/anchor.html
IP
169.239.129.37:443
ASN
#61138 Zappie Host LLC

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerLet's Encrypt
Subjectmymetamask-support.xyz
Fingerprint0B:6F:10:DC:72:D9:D3:44:38:84:49:21:63:58:B7:32:24:EF:34:B2
ValidityThu, 18 May 2023 16:59:42 GMT - Wed, 16 Aug 2023 16:59:41 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (33133)
Size
21 kB (21338 bytes)
Hash
2db6bc307d82bd82eada077d9db82207
6d8c84d26209a2f2f37c46802e952ab48eb27ece
90d0d3bb84ed3278a30b08ec19bdbb360976b38562328a69b5b89cfe443e88f8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /meta/anchor.html HTTP/1.1
Host: www.mymetamask-support.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 22 May 2023 01:16:43 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 20 May 2023 15:22:39 GMT
ETag: "a489-5fc219ba68d7f-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21338
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&force=1&env=prod&isCrossDomain=true

178.249.97.98

200 OK

39 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&force=1&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (38562), with no line terminators
Size
39 kB (38562 bytes)
Hash
3386ec5559f1ba569cf0ab6acab436cc
e98e11d37c5172ee128a85f68447efb3cb0e853c
996ab3c1e26cb00ec7d3d29650e784755ba46f33613563b7173b0dab03fa3d73

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.js?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&force=1&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:33 GMT
content-type: application/javascript
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 21 May 2024 01:16:33 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb54576x44803

178.249.97.99

200 OK

113 B

URL GET HTTP/2
accdn.lpsnmedia.net/api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb54576x44803
IP
178.249.97.99:443
ASN
#11054 LIVEPERSON

Requested by
https://lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
113 B (113 bytes)
Hash
cdf51ebcac86103bb30d22e344b20f8c
33e3fa3392a6edc19f4da3412eae92eaac23dd75
e1ad7165b980b999d2dd9eb92f4bc51204289fb892626d06792fe13ac1e982cd

HTTP Headers

GET /api/account/88982875/configuration/domainprotection/refererrestrictions?cb=lpCb54576x44803 HTTP/1.1
Host: accdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://lpcdn.lpsnmedia.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:33 GMT
content-type: application/javascript
set-cookie: ADRUM_BTa=R:28|g:f26c35fe-96ca-4967-9210-4c5722334bdb; Max-Age=30; Expires=Mon, 22-May-2023 01:17:03 GMT; Path=/
ADRUM_BTa=R:28|g:f26c35fe-96ca-4967-9210-4c5722334bdb|n:livepersonltd_93a08561-b03e-475e-b29b-9ad4aa207daf; Max-Age=30; Expires=Mon, 22-May-2023 01:17:03 GMT; Path=/
SameSite=None; Max-Age=30; Expires=Mon, 22-May-2023 01:17:03 GMT; Path=/; Secure
ADRUM_BT1=R:28|i:2241648; Max-Age=30; Expires=Mon, 22-May-2023 01:17:03 GMT; Path=/
ADRUM_BT1=R:28|i:2241648|e:8; Max-Age=30; Expires=Mon, 22-May-2023 01:17:03 GMT; Path=/
cache-control: no-store
x-envoy-upstream-service-time: 92
x-envoy-decorator-operation: lp-accdn-app.default.svc.lokube01.int.liveperson.net:8080/*
server: ws
strict-transport-security: max-age=99999999999; includeSubDomains
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options
access-control-allow-credentials: true
x-cache-status: MISS
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.17.210.243

200 OK

5.8 kB

URL GET HTTP/2
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.17.210.243:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (6544), with no line terminators
Size
5.8 kB (5794 bytes)
Hash
56d167f1d615aab570b2f53bff15f96f
bc5c0464c626b66961d16bbf67583664267410f1
1591346c075ca9b333e98996b08cc8294028e5c40c9515cbc1bfcc009cd33eec

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:32 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B5876F4CDD38AF74C2777F2BA57472338CC8483B2000000000000000000
x-origin-hublet: na1
vary: origin
x-hubspot-correlation-id: 14707a79-193e-43b1-b02d-a149ff00ce04
content-disposition: attachment; filename=no-rfd.txt
x-content-type-options: nosniff
access-control-allow-credentials: false
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
x-robots-tag: none
x-envoy-upstream-service-time: 6
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-759c64d45c-c6p2z
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: d2ade8e2-a9b4-41dd-b843-80e1bd07b84d
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb136ddbe3afac4-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true

178.249.97.98

200 OK

40 kB

URL GET HTTP/2
lpcdn.lpsnmedia.net/le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true
IP
178.249.97.98:443
ASN
#11054 LIVEPERSON

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerSectigo Limited
Subject*.lpsnmedia.net
Fingerprint50:71:62:B3:88:93:98:3D:CC:EF:A7:C6:82:00:2D:1E:44:64:14:BB
ValidityMon, 09 Jan 2023 00:00:00 GMT - Tue, 09 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (32207)
Size
40 kB (39478 bytes)
Hash
e57f19d47b3b07b577d844ae827ea4b3
7fab7227b3a1fb72d016a40685952c4483909eb8
59f4843277d9aca1200c779c52318aadb380021a0051a6644b75274acb7fe158

HTTP Headers

GET /le_secure_storage/3.15.0.0-release_5063/storage.secure.min.html?loc=https%3A%2F%2Fwww.mymetamask-support.xyz&site=88982875&env=prod&isCrossDomain=true HTTP/1.1
Host: lpcdn.lpsnmedia.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 22 May 2023 01:16:33 GMT
content-type: text/html
last-modified: Fri, 05 Nov 2021 13:34:15 GMT
content-encoding: gzip
server: ws
vary: Origin
access-control-allow-methods: GET, POST, PATCH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-state-rev
access-control-expose-headers: X-Requested-With, X-HTTP-Method-Override, LP-DOMAIN-REFERER, LP-URL, ETag, ac-revision, X-LP-Last-Modified, If-Match, Authentication-Method, Credit-Card-Ref, Automation-Secret, Email-Token, x-lp-host, Lp-Req-Time, date, x-application-context, strict-transport-security, x-content-type-options, x-download-options, x-xss-protection, x-cache-status, x-amz-id-2, x-amz-request-id, expires, last-modified, set-cookie, content-security-policy, x-frame-options, x-lp-state-rev
access-control-allow-credentials: true
expires: Tue, 21 May 2024 01:16:33 GMT
cache-control: max-age=31536000
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-cache-status: HIT
X-Firefox-Spdy: h2

js.hsforms.net/forms-next/shell-recaptcha

104.16.186.65

200 OK

852 B

URL GET HTTP/3
js.hsforms.net/forms-next/shell-recaptcha
IP
104.16.186.65:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.mymetamask-support.xyz/meta/saved_resource.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint16:1A:D5:A1:BC:62:B5:09:33:E2:A8:32:88:88:60:DE:BD:00:B5:F3
ValidityTue, 16 May 2023 00:00:00 GMT - Wed, 15 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (882), with no line terminators
Size
852 B (852 bytes)
Hash
440ce01c33f34fd2d411740a08afbefc
5430ee8be61e7637b762df165949e960bf4665c6
4b6998d625f78ce81d67272fc34ca2959491f21f8f858c80f69b0e405fef691f

HTTP Headers

GET /forms-next/shell-recaptcha HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Mon, 22 May 2023 01:16:32 GMT
content-type: text/html; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Tue, 18 Apr 2023 10:07:51 UTC
x-amz-server-side-encryption: AES256
x-amz-meta-ao: {}
x-amz-version-id: dqJFVLcLbtqiZfu_0m9SwCTwCprCedNN
x-cache: Hit from cloudfront
via: 1.1 3c43e000c50d5633eb558057710f3c54.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: reMTkLUKtFnti8Ww-nAnlYZBYiH-rtlNVPLVyrL6sq7MS-4stZKDrg==
age: 3332
cache-control: s-maxage=600, max-age=300
x-hs-target-asset: FormsNext/static-5.608/html/recaptcha.html
access-control-allow-origin: *
x-hs-cache-status: MISS
x-envoy-upstream-service-time: 5
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/app-td/envoy-proxy-57ff77fcd-h6thn
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-request-id: 76db5f68-1750-40be-9539-be20c9879dde
cache-tag: staticjsapp-FormsNext-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BpkNFuJQjuF%2FMp%2BGzb0jFy0LsBFbeKyAqTkhbmTWtx%2Froj0NLN28CwnEh8tNzeldWQDxUI2RaUrgQk5DUKfQ7%2F1d%2F4FEDZ9FSa1hBhXG%2B%2FTJBi31TAvjBpLWv%2B78gQMR"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7cb136e13ef3b521-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew

142.250.74.132

200 OK

52 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://www.mymetamask-support.xyz/unlocked.php
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint85:AD:43:66:C0:73:07:1B:B5:5D:4A:83:4B:76:3F:DA:4B:2B:E1:F8
ValidityMon, 24 Apr 2023 12:01:16 GMT - Mon, 17 Jul 2023 12:01:15 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (43251)
Size
52 kB (51867 bytes)
Hash
bf8d5d1c24eb09f00a58141f6f02badb
348bfecf91c3a35662f9a69ce72729ca275b072a
b7d315b11cb571143ed5a55ab31456fd3a1b3200e15ffdf11a7f906a16de647a

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly93d3cubXltZXRhbWFzay1zdXBwb3J0Lnh5ejo0NDM.&hl=nl&v=rPvs0Nyx3sANE-ZHUN-0nM85&size=invisible&badge=inline&cb=jsi7xlh7htew HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.mymetamask-support.xyz/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 22 May 2023 01:16:32 GMT
content-security-policy: script-src 'nonce-BCcqkw_nFUpcL8avCmklxw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 28412
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (52)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML