metamask.consensys.net/
185.199.108.153301 Moved Permanently 162 B IP 185.199.108.153:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Server: GitHub.com
Content-Type: text/html
Location: https://metamask.consensys.net/
X-GitHub-Request-Id: BE06:0EE7:AC79EA:B4C92C:63D79289
Accept-Ranges: bytes
Date: Mon, 30 Jan 2023 09:48:57 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1652-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675072137.265907,VS0,VE189
Vary: Accept-Encoding
X-Fastly-Request-ID: 0275f1c3be70d50429d000f5a18cfaaec05a9ad3
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8257
Expires: Mon, 30 Jan 2023 12:06:34 GMT
Date: Mon, 30 Jan 2023 09:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10520
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 09:48:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5540
Expires: Mon, 30 Jan 2023 11:21:17 GMT
Date: Mon, 30 Jan 2023 09:48:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 09:35:42 GMT
content-type: application/json
age: 795
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: md7ukmmg9es+YyquW5X/CMiZ5jY/pXu9nKsnwbP9Bs6O2M6y6oRcNua7URBBrDMGmU8xpiohdBA=
x-amz-request-id: 3078T8GWDB02SEJJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 09:21:44 GMT
age: 1633
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:48:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
metamask.consensys.net/
185.199.109.153200 OK 33 kB IP 185.199.109.153:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Hash 0cafab9a2b4befeaf827e3a78528b484
c9779a6b2e55976c49adff314d097264b7d37468
e08ee447085571d0642c903bece649a6fab79443b9fcf8762d63caf612dc443c
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-28ea9"
expires: Mon, 30 Jan 2023 08:17:05 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4D6E:452F:20CC8B3:223FD70:63D77AA9
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675072138.626241,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: cc29d2f1da59cf7f80dbf1ab5ffa3e7b3b66a207
content-length: 32738
X-Firefox-Spdy: h2
metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js
185.199.109.153200 OK 1.9 kB URL HTTP/2 metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js
IP 185.199.109.153:0
File type ASCII text, with very long lines (4329)
Hash 055f2e207ca00863fdc90d1be4d92103
ae8ad9279964e6622479c3b5be0da0eeeff7336b
00947e4dbb3e2172b122067164d4381830367ae3fb61259274111a01d926c3b3
Analyzer Verdict Alert fortinet Phishing
GET /webpack-runtime-1b41a958b9e8199e5fd7.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-112a"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 2E4C:0B48:1ACF190:1BFD4ED:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.912040,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 35ff7ca1d5b280372f2ca6c508829d69a72318f4
content-length: 1925
X-Firefox-Spdy: h2
metamask.consensys.net/29107295-3224358509236f95435e.js
185.199.109.153200 OK 25 kB URL HTTP/2 metamask.consensys.net/29107295-3224358509236f95435e.js
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65249)
Hash 4b31de3678e463e4d21b4950ba9955d7
6b2e82654a0e4410bca6c06ddd06d8f07aa5b585
4452b7ddfe298390113dc3ccbdf03ae090e4b9c3a2b7781d8d700dfbc075f284
Analyzer Verdict Alert fortinet Phishing
GET /29107295-3224358509236f95435e.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-11b85"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6672:AB49:2282E19:23FCEE9:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.915073,VS0,VE116
vary: Accept-Encoding
x-fastly-request-id: 5a0eb364fb5d61be979613451588a5b24126bbc5
content-length: 25238
X-Firefox-Spdy: h2
metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js
185.199.109.153200 OK 8.3 kB URL HTTP/2 metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js
IP 185.199.109.153:0
File type ASCII text, with very long lines (22834)
Hash 554277747eb3c1615c020293ee348265
12d0301989ca57644083afd8e8f91fcc75a1d997
73b892a388dd28dea50cb626512dab504060149e608fc639a86aebdc83b926a5
Analyzer Verdict Alert fortinet Phishing
GET /framework-a8ceb9e565121e1d4bfa.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-596d"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6774:BFE8:22785BF:23F287D:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.912781,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 45ec6daa5b65c415d403798e0c5e4d4a8c23617c
content-length: 8347
X-Firefox-Spdy: h2
metamask.consensys.net/styles-407fe62976dc5310c43e.js
185.199.109.153200 OK 117 B URL HTTP/2 metamask.consensys.net/styles-407fe62976dc5310c43e.js
IP 185.199.109.153:0
Hash 6fb71a03e6e04f04a2142d3cd51c5a03
f217851828b8f5fb31f21476d0e2afea2cdf5d26
cf78e3bcf3150d9c1c3b4be5a3f8874e83dabebadebb9374cb607e2cb260e996
Analyzer Verdict Alert fortinet Phishing
GET /styles-407fe62976dc5310c43e.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-75"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 304E:3359:16D8E3F:17D289D:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.914357,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 5a8b709b1acc6ed0b9de213b6db3968b71a72891
content-length: 117
X-Firefox-Spdy: h2
metamask.consensys.net/app-a0525f96a575de0f977c.js
185.199.109.153200 OK 26 kB URL HTTP/2 metamask.consensys.net/app-a0525f96a575de0f977c.js
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65453)
Hash 290cd8e37dc33e01f32c258fd7ad7d59
aff16295ad56dcb85711f1f7548e470b94f81c9b
13e63e160436c48655a2a063e23dc4412cc70f8fa0e2b54150a41808bd9d5fec
Analyzer Verdict Alert fortinet Phishing
GET /app-a0525f96a575de0f977c.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-14a5c"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 35C4:9089:56B345:5A9B87:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.913585,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 91e5377cf3fb354c74f1e8c8fca689a71214a89e
content-length: 26473
X-Firefox-Spdy: h2
metamask.consensys.net/commons-a27fd9eff92e23d4d790.js
185.199.109.153200 OK 30 kB URL HTTP/2 metamask.consensys.net/commons-a27fd9eff92e23d4d790.js
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65438)
Hash 4ca119afa75569d9728b2081df508ef8
21401a776e80990b5bf05759f14ddbb29a1f8e74
5d3eebfeca08e7f4b5ada0ec6d55b95cd8a05c7c103187bf5758ab730c439f0e
Analyzer Verdict Alert fortinet Phishing
GET /commons-a27fd9eff92e23d4d790.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1624d"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3BBC:BFE8:22785BF:23F287E:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.915887,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 147b63e390aebaeff759a9dae71393f252839beb
content-length: 30544
X-Firefox-Spdy: h2
metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js
185.199.109.153200 OK 3.0 kB URL HTTP/2 metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js
IP 185.199.109.153:0
File type ASCII text, with very long lines (6930)
Hash 2c284f98cd1b45eb3afe58762dd89c31
c5f8f7aa962084f5be155b90ee4e9507bb272d1a
853102b96aefe9fc6982e0e9ebbfe270e8cc07456513f36ef79f051fd333a356
Analyzer Verdict Alert fortinet Phishing
GET /component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1b72"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4A84:11B79:13320A5:141143B:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.917361,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 9ae80e23a880f65f05d0402b5a2fe4d7a7b6d689
content-length: 2984
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/sq/d/2468095761.json
185.199.109.153200 OK 106 B URL HTTP/2 metamask.consensys.net/page-data/sq/d/2468095761.json
IP 185.199.109.153:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 762e166643f9bf3c1f238d2f01d906be
dcb798643d96514bbb8bc002b3f4fc3385b3e134
6adf205a86e012f5f32ef595034953abeb6b2056f6424168318e571a56a3c09b
Analyzer Verdict Alert fortinet Phishing
GET /page-data/sq/d/2468095761.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-6a"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A3FA:B545:22DACEC:2455004:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.923690,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 0a33448029e33f00284cfa06715b67abaef5b897
content-length: 106
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/index/page-data.json
185.199.109.153200 OK 24 kB URL HTTP/2 metamask.consensys.net/page-data/index/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash cec596eeb436d033804f48e0672d439f
d7b42f715d043f2ee2ea907127240dc274f4d0d0
12f443f35d96988fe76a1f888c23cb6aee4e46d6c6797e6e5b64824bef3d36a1
Analyzer Verdict Alert fortinet Phishing
GET /page-data/index/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-18db8"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C044:10FD5:221F099:2398CAE:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.921136,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: 3e13372d1be8188f44c268ce90b7f2d7c210a2d2
content-length: 23741
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/sq/d/2682959621.json
185.199.109.153200 OK 11 kB URL HTTP/2 metamask.consensys.net/page-data/sq/d/2682959621.json
IP 185.199.109.153:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Hash 1f7b2bb7e40c0b1795ed47d7d96de4d3
347bb20056eba77aaab0d93e0c682ed7298bf368
2e49b0cfe9e975f25586ea713fd7c573bbc9055bcd08815a8facc4928abc23fa
Analyzer Verdict Alert fortinet Phishing
GET /page-data/sq/d/2682959621.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1a2dd"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 84C6:3359:16D8E3F:17D289F:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.925790,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 271ec3d7a6902468d859103ca14bcbbb50cd2d78
content-length: 10915
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/app-data.json
185.199.109.153200 OK 50 B URL HTTP/2 metamask.consensys.net/page-data/app-data.json
IP 185.199.109.153:0
File type JSON data\012- , ASCII text
Hash b22a39168ee9681a17075e59761bedca
fdc25c76eed49cc551355604f928f4074f8ad6df
6caa6b702b17a7497e630749aa7c08b64046d519145d03822e089f4061945ae3
Analyzer Verdict Alert fortinet Phishing
GET /page-data/app-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-32"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4486:11B79:13320A7:141143D:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.944240,VS0,VE108
vary: Accept-Encoding
x-fastly-request-id: e721dd51e1666ac9d0cf3ba0c12794872dc2898e
content-length: 50
X-Firefox-Spdy: h2
metamask.consensys.net/fonts/EuclidCircularB-Bold-WebXL.woff2
185.199.109.153200 OK 44 kB URL HTTP/2 metamask.consensys.net/fonts/EuclidCircularB-Bold-WebXL.woff2
IP 185.199.109.153:0
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert fortinet Phishing
GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-ae00"
expires: Mon, 30 Jan 2023 09:58:58 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1894:DD43:22667F7:23E0A59:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.947913,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 47b199b7fdb2ea6a2a1ce0423d39919a0aef0086
content-length: 44544
X-Firefox-Spdy: h2
images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp
54.230.111.2200 OK 52 kB URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp
IP 54.230.111.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash e0b964ce8a22e37761e5c42b18cb810d
e57271a70e23f87d190556582831c2f91fd4a468
0a7b892b315f0dfecb0edfe9948c2925ebe11e6bb5b0c667bf870ff6ae84772c
GET /9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 52080
last-modified: Wed, 11 Jan 2023 01:13:35 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 30 Jan 2023 02:19:10 GMT
cache-control: max-age=31536000
etag: "e0b964ce8a22e37761e5c42b18cb810d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GPcFfgmrej0jCNfd8Jsrpz3tqoBVoLvkJfiPJigzIDWPpyeyDkM28Q==
age: 26988
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce1fd91d2179b7bf172f2a7a06e90350
35531bf84512254dd147f3299a95f037b6d8f751
5b160d0d93fb0033edd3970f69dad2ae46e0f93a61977020450927a7deac40f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.ctfassets.net/9sy2a0egs6zh/3QUMobP9FN0FgMgyeOg2bX/b92de4778c111566352320823cd9b805/mm-learn.png?w=768&q=100&fm=webp
54.230.111.2200 OK 9.2 kB URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/3QUMobP9FN0FgMgyeOg2bX/b92de4778c111566352320823cd9b805/mm-learn.png?w=768&q=100&fm=webp
IP 54.230.111.2:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash 7ee2ceeeca4c971dbb733daa4d73bd1e
994f1db2cbfb4df130d3f7be35d2b8bf7f5accd9
f8fd2106a97f85fbcd1a1c96b529b44b2ada436b7f5da893370e4dcf3a32907c
GET /9sy2a0egs6zh/3QUMobP9FN0FgMgyeOg2bX/b92de4778c111566352320823cd9b805/mm-learn.png?w=768&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 9238
etag: "7ee2ceeeca4c971dbb733daa4d73bd1e"
last-modified: Mon, 30 Jan 2023 07:21:51 GMT
date: Mon, 30 Jan 2023 07:49:34 GMT
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c6oDr2gZI4hS_g8BduUBefhRk_RS7T3QDoQMHxIdI8ioOcRuPrNSWg==
age: 7164
X-Firefox-Spdy: h2
i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp
142.250.74.118200 OK 18 kB URL HTTP/2 i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp
IP 142.250.74.118:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d288755975f12c1b804cce683a56b56b
af27df3ca58c18ccfa231b3ad5089e11b29fb4e1
f27731898ea8846c9a9f428fb8cbe2da7c832a4bb6032af7b4b7f0c64f81de55
GET /vi_webp/YVgfHZMFFFQ/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18434
date: Mon, 30 Jan 2023 09:48:58 GMT
expires: Mon, 30 Jan 2023 11:48:58 GMT
cache-control: public, max-age=7200
etag: "1582837014"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PKXX2FR
142.250.74.72200 OK 69 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PKXX2FR
IP 142.250.74.72:0
File type ASCII text, with very long lines (18907)
Hash b3f474488dcdf5a4ec764eb3ed484a97
e3b5d82027e96df91d4503ec7b874f014ec8664f
720ecc3548c44dd23898189e39a81cfd0f9b776a383f2bdd17bc2fef13c3422b
GET /gtm.js?id=GTM-PKXX2FR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 09:48:58 GMT
expires: Mon, 30 Jan 2023 09:48:58 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
metamask.consensys.net/fonts/EuclidCircularB-Regular-WebXL.woff2
185.199.109.153200 OK 45 kB URL HTTP/2 metamask.consensys.net/fonts/EuclidCircularB-Regular-WebXL.woff2
IP 185.199.109.153:0
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert fortinet Phishing
GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-b08c"
expires: Mon, 30 Jan 2023 09:58:58 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1D22:A8BE:14D94DE:15C3127:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.947041,VS0,VE335
vary: Accept-Encoding
x-fastly-request-id: bc96f7ba5750516d0c5fb73f00dceba17313df72
content-length: 45196
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash b03dc6f6a9ff7dcd39bbc4dde709d434
7fa1906b24c8ad2141f48729c7ee34138fe8511f
5a8e77d3760aa3723e321da1d93feedb57d37c92b80274a0ac5a3a27dd3cf6bf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5873
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Last-Modified: Mon, 30 Jan 2023 08:11:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash ce1fd91d2179b7bf172f2a7a06e90350
35531bf84512254dd147f3299a95f037b6d8f751
5b160d0d93fb0033edd3970f69dad2ae46e0f93a61977020450927a7deac40f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 09:41:41 GMT
age: 437
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5507
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 09:48:58 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
metamask.consensys.net/121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js
185.199.109.153200 OK 691 kB URL HTTP/2 metamask.consensys.net/121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js
IP 185.199.109.153:0
File type ASCII text, with very long lines (65417)
Size 691 kB (691072 bytes)
Hash e826d61a99b0b315d95a50a28e75f217
eb2a6892a3d4f22eb0443f137b4d0febea6d5930
3c604d53ac9726f11e80d8c0d7e5d4d66ca7e1b0ae2e08cb9cc2c9e30acfe5ea
Analyzer Verdict Alert fortinet Phishing
GET /121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-22ba86"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1F84:0B48:1ACF190:1BFD4EE:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 1
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.916542,VS0,VE687
vary: Accept-Encoding
x-fastly-request-id: f137920ea9af31ea3fe28fb2d63e97c9b1508241
content-length: 691072
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
83.229.67.229200 OK 144 kB URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 83.229.67.229:0
File type Unicode text, UTF-8 text, with very long lines (61915), with no line terminators
Size 144 kB (143894 bytes)
Hash c16c1de20c24aabaaf524bf48e2e2316
89b23e434f3e7f32a261e0ce7e4d34d8bb78f467
dd6dfc51d230a938278450fa5cb31fb0aaf040f040a0ba189c05648e54dc20a2
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 09:48:58 GMT
content-type: application/x-javascript
last-modified: Thu, 26 Jan 2023 13:36:03 GMT
etag: "6bcef-63d281c3-678819b673a2fdb4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 143894
date: Mon, 30 Jan 2023 09:48:58 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=75593
date: Mon, 30 Jan 2023 09:48:59 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
metamask.consensys.net/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282
185.199.109.153200 OK 4.2 kB URL HTTP/2 metamask.consensys.net/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282
IP 185.199.109.153:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 7688ebe09d93b68eb4a23536f7b7aefb
5b33f4a405eb2f178146d1016fbf2046c1c77866
918a76a5bebc21af888b92725ad9207b7c6886f6035d5b5115999251b58ba9e8
Analyzer Verdict Alert fortinet Phishing
GET /icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282 HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-1072"
expires: Mon, 30 Jan 2023 09:58:58 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 63C0:676F:172AE0D:181F92D:63D7928A
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072139.905912,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 3a66a50eb90b53498a0582d19d833b0b5b758c32
content-length: 4210
X-Firefox-Spdy: h2
images.ctfassets.net/9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg
54.230.111.2200 OK 11 kB URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg
IP 54.230.111.2:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Hash b6301a0f3b2e09643ed4fbe745ab70b6
6fbe55f5eda5c41fc2b8a4a9bc700c02f2707570
cd1fc6d832e942f9b755258fc519fba781ed1018433635e19b95c4236e45d16c
GET /9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:25:00 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 05:33:25 GMT
cache-control: max-age=31536000
etag: W/"afeafb6a9f14bd7771c63015be5a05c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nVkCbevLrYtc9V03q1IOI6tFMZKHNaTgKvmAQ3s9ztMbOiSr0gfL2g==
age: 20574
X-Firefox-Spdy: h2
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
54.230.111.75200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP 54.230.111.75:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Hash c34915675a9e912c93dac934322be7d1
1d0c20a805821d76fdef8b95eace30ac659a9454
091ab4e6d3f86a5e7bc8c7c3e9805df420c13f77627902dd204abc1f28b6336d
GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HPR3Q5vHDt8_PHH1Z6KQCZcPDn8gxTxUuOfmLjn7NJ82mKeDsz8_3w==
age: 261893
X-Firefox-Spdy: h2
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
54.230.111.79200 OK 68 kB URL HTTP/2 script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP 54.230.111.79:0
File type Unicode text, UTF-8 text, with very long lines (48602)
Hash 4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72
GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bN7hS6oK7Retmt1xw17FZU40Rf8T_uYBbpeLpTNKoQIdr5GD4J8B-g==
age: 261894
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D451393%26conversionId%3D7543513%26fmt%3Dgif%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D451393%26conversionId%3D7543513%26fmt%3Dgif%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D451393%26conversionId%3D7543513%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&63457c48-cc34-46f4-8a1f-139f86dc872d"; Domain=.linkedin.com; Expires=Tue, 30-Jan-2024 09:48:59 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230130094859d9c5c376-6f98-4611-877d-962ba78becc5AQGZ_cXxIxJbeZbWRnwNHr1mkERlZ7BR"; Domain=.www.linkedin.com; Expires=Tue, 30-Jan-2024 09:48:59 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUwNzIxMzk7MjswMjEl/yJxoseWlc76/o8OMcwVz8phC28KilwxZUeegULalw==; Domain=.linkedin.com; Expires=Sat, 29 Jul 2023 09:48:59 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675072139:t=1675158539:v=2:sig=AQFkxH4B0b8Jdy9l7aUMde12agP8ylgu"; Expires=Tue, 31 Jan 2023 09:48:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/VpFMPKKDIhYBojQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F2DD05F4BAAA4BE89F501AC0C9D83550 Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:48:59Z
date: Mon, 30 Jan 2023 09:48:58 GMT
content-length: 0
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D451393%26time%3D1675072150569%26url%3Dhttps%253A%252F%252Fmetamask.consensys.net%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIoshsFWfDh1QAAAYYCFHAb1GHLbOqrBEzN7AUmWJJpVxECT7COiFioJe5qXaDbNh2JOr3EVWMKBQ; Max-Age=2592000; Expires=Wed, 01 Mar 2023 09:48:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJoQ1AaNBnVIAAAAYYCFHAbqXljoqmRLMgAADcCpWRtMRNXjjqoS3NyGADilOd5INBc1beP_1T55iGd0AW_Pg; Max-Age=2592000; Expires=Wed, 01 Mar 2023 09:48:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&091f2daf-97bb-4654-88d5-ec8c845e2891"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 09:48:59 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2450:u=1:x=1:i=1675072139:t=1675158539:v=2:sig=AQFkJNzlJ9OFRozUe4rholp_FFLA34Vf"; Expires=Tue, 31 Jan 2023 09:48:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/V1H9R38y2GcdZMg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 89801207F57343E0BE19C721733A5247 Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:48:59Z
date: Mon, 30 Jan 2023 09:48:58 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/metamask.consensys.net/config.json
83.229.67.229200 OK 159 B URL HTTP/2 cdn.acsbapp.com/cache/app/metamask.consensys.net/config.json
IP 83.229.67.229:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a587fd2cf4010a97ce949fd102c5c472
31af3d56dd12ae83ab439ffb784f793a6b9ef762
5eccee2c5dcfe657ae469b763369ed2a4ce15f136096954069cdf26ba7dcda0d
GET /cache/app/metamask.consensys.net/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Origin: https://metamask.consensys.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 09:48:59 GMT
content-type: application/json
last-modified: Mon, 30 Jan 2023 09:48:14 GMT
etag: "9f-63d7925e-b4fdeadb76f0971b;;;"
accept-ranges: bytes
content-length: 159
date: Mon, 30 Jan 2023 09:48:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/451393/domain/metamask.consensys.net/token
54.230.111.112200 OK 62 B URL HTTP/2 cdn.linkedin.oribi.io/partner/451393/domain/metamask.consensys.net/token
IP 54.230.111.112:0
File type JSON data\012- , ASCII text, with no line terminators
Hash d39abb34da93ec5faa48669ac4788977
cc2627a86b99e91540251b6fb7e17a9b1faa1ee7
b329d16bd7e06de93beac4a9e4d67b8be6d1c944b7b8e398b929460f73b7c4ce
GET /partner/451393/domain/metamask.consensys.net/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamask.consensys.net
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 09:48:59 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oOhdEBRB3L0MciehSEGu0NXHWuh1KWcGiMoDw_1_GadWp17JxLjftQ==
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true
13.107.42.14200 OK 65 B URL HTTP/2 px.ads.linkedin.com/collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash 8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe
GET /collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&15ddde23-4e75-466a-8312-2cfd3c72830e"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 09:48:59 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1675072139:t=1675158539:v=2:sig=AQEqFlGeqCdKdqqKA-Q-Yl7wQPNlKAq1"; Expires=Tue, 31 Jan 2023 09:48:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/czOPCDK38zYfYcA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C746170BAF5349F8806CF2C99017D6F5 Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:48:59Z
date: Mon, 30 Jan 2023 09:48:59 GMT
X-Firefox-Spdy: h2
metamask.consensys.net/14-a22f24b34fcfe8148bb3.js
185.199.109.153200 OK 9.5 kB URL HTTP/2 metamask.consensys.net/14-a22f24b34fcfe8148bb3.js
IP 185.199.109.153:0
File type ASCII text, with very long lines (31941)
Hash 696ecef084c1e69ab1590aca5fdddee9
0cc04a0094ee39a099f0c9662448a75ea5dbb89d
28fa3a2726baab6acafa8a767df11a30e543c7d17576b8599acfa3a932f1726b
Analyzer Verdict Alert fortinet Phishing
GET /14-a22f24b34fcfe8148bb3.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-7cf9"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 0C68:9B1B:1FD4405:2125519:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.784635,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 85285b6a35e27e474bd1e43c62a5c7dd98e86775
content-length: 9459
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2980129.js?sv=6
54.230.111.113200 OK 4.7 kB URL HTTP/2 static.hotjar.com/c/hotjar-2980129.js?sv=6
IP 54.230.111.113:0
File type ASCII text, with very long lines (7535)
Hash 131e35aa082b41dcb214a8b78faebfe8
8aa6ab247faf04f1013ba688a7a57a80488a0b09
3289ec24ce837c773802a22fc833c828cd6f80f44b59162111d39d4a1564abdf
GET /c/hotjar-2980129.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 09:48:59 GMT
cache-control: max-age=60
etag: W/9b6cd9e455439ca56e828418a850d119
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v4HMC2R_r38nCm_aqS4WQI9Yy0JEYTsWdLCQ2Yzcy_4vr3xZ0KyGpw==
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/buy-crypto/page-data.json
185.199.109.153200 OK 41 kB URL HTTP/2 metamask.consensys.net/page-data/buy-crypto/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 3c85d6a4ac0fff72886704721f4fdf83
a12bba826aaaf6795e92eb9b12b6b6753b1af6ef
2ae8fd7acd6c20c0da36e3fa4926bb7c13f5039541619effddf574e76efe8177
Analyzer Verdict Alert fortinet Phishing
GET /page-data/buy-crypto/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-2ca0c"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 447E:9B1B:1FD4407:212551D:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.795935,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: 3b35b94cb13ede29ac02eb719c4031a9276ac1dc
content-length: 40662
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/about/page-data.json
185.199.109.153200 OK 14 kB URL HTTP/2 metamask.consensys.net/page-data/about/page-data.json
IP 185.199.109.153:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 097da75d4af62436f3fa46bffcaacd57
864ce95ffce1c90f2eb9bd9ccbf039ca7e41f9be
ebe6ac71223c5d898937460daad45e6da0f16003dd2617f12763af51c6611c39
Analyzer Verdict Alert fortinet Phishing
GET /page-data/about/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-10942"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DB2E:9002:149DFA3:1587BC0:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.790637,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 20d8370c884e48d548d52809db419d4d9e1e883a
content-length: 13775
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/snaps/page-data.json
185.199.109.153200 OK 33 kB URL HTTP/2 metamask.consensys.net/page-data/snaps/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 7d5a615a863848cb3c751efadc450394
7e857cd6e72125225bfbca6738e7be216b78dc4d
585cfcbb15a6c0deccc69ecf5963633517453d8fcb0ee0e37241fcbe06faa328
Analyzer Verdict Alert fortinet Phishing
GET /page-data/snaps/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-20fb0"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6690:11B79:133219E:1411545:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.794136,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 16fdfdf1e86abc893e1bfd243141ced301881ca2
content-length: 33184
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/1559/page-data.json
185.199.109.153200 OK 26 kB URL HTTP/2 metamask.consensys.net/page-data/1559/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 7ec498e0ebc5fd6d7d213001b5815184
332bdf8f598c4a8dddf7482e6b3fd09ef60a0a20
945b42a536465869d3d7d5c8c7d7b193e7a87f9d78ba1a8e771d06727f1544bd
Analyzer Verdict Alert fortinet Phishing
GET /page-data/1559/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1a28f"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B284:DD43:22668D9:23E0B3E:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.795214,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 3660be89044d0c4e143eaa9ab7b0ffde56164c50
content-length: 26208
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/news/page-data.json
185.199.109.153200 OK 16 kB URL HTTP/2 metamask.consensys.net/page-data/news/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash 2bf4695d11ad1302e51c6ae3a80adb3b
632d2289eef4c0addf25277202611bfa569c7a6d
66b90b8ff19ec03406950d9d621bcde5e50f6a8c99e346786185d3295ed6cf66
Analyzer Verdict Alert fortinet Phishing
GET /page-data/news/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-124ab"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1F7E:3359:16D8F0E:17D297E:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.796710,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: a4fd0f326f7767c0b022fd4f78f7f4e4e52b2835
content-length: 15639
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/swaps/page-data.json
185.199.109.153200 OK 377 kB URL HTTP/2 metamask.consensys.net/page-data/swaps/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 377 kB (376974 bytes)
Hash bac6586cfedb2672a490b29eae1eecb7
48bf72a9da346f55549669040901a26903a9ba21
7fc1300055b7b4797ee89ed435353231b39485b4694d9cd34f0a50d0a82e4e78
Analyzer Verdict Alert fortinet Phishing
GET /page-data/swaps/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-13094c"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 35C4:9089:56B41D:5A9C6C:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.793214,VS0,VE167
vary: Accept-Encoding
x-fastly-request-id: 32ce6c242c7f707b36550a40b0d1ebb493686ad8
content-length: 376974
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/flask/page-data.json
185.199.109.153200 OK 18 kB URL HTTP/2 metamask.consensys.net/page-data/flask/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash d21f67d66baef26817b73d1db9dd45ff
7185585d93339fcfdeb6bd582eba6eafeb53a4a9
089e999dc13c1c7570f742eb24e5c12ad2b5ad76f10e4c8e21a49e88099959f9
Analyzer Verdict Alert fortinet Phishing
GET /page-data/flask/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-162a8"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1C0E:676F:172AE95:181F9B6:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.967691,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 4d7c2bb6a123ee763730297266b301807f77fffd
content-length: 17676
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/download/page-data.json
185.199.109.153200 OK 14 kB URL HTTP/2 metamask.consensys.net/page-data/download/page-data.json
IP 185.199.109.153:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash d06b9b65d628119f6ad83d3cbc90fd38
118cbf680b8a8bf3481e6c514ec358626e7c0dc8
4e1d192017ca5e19bf009236261515c154b4ea03ff7471967867d77071d26874
Analyzer Verdict Alert fortinet Phishing
GET /page-data/download/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-115b6"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1F7E:3359:16D8F2E:17D2999:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.967308,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 6f8a5c859e9861a5fbbb324fab35caf2fc58ac17
content-length: 14415
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/faqs/page-data.json
185.199.109.153200 OK 19 kB URL HTTP/2 metamask.consensys.net/page-data/faqs/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash a4e10439944fc7ae890cc1ece9b1ca22
819fe996a6dc063a69e556019ca3d935ee6753c3
c24565e025e7b80cfa3340034d6e75f8227517b2d56ff5152918439e58e81c6e
Analyzer Verdict Alert fortinet Phishing
GET /page-data/faqs/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-15660"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4A84:11B79:13321BC:141155B:63D7928C
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.998763,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: abfa22da7477cf2485267cb2cbaac634b094354d
content-length: 19040
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Mon, 30 Jan 2023 11:17:42 GMT
Date: Mon, 30 Jan 2023 09:49:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Mon, 30 Jan 2023 11:17:42 GMT
Date: Mon, 30 Jan 2023 09:49:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Mon, 30 Jan 2023 11:17:42 GMT
Date: Mon, 30 Jan 2023 09:49:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:52 GMT
age: 42548
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 58384
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
metamask.consensys.net/page-data/institutions/page-data.json
185.199.109.153200 OK 75 kB URL HTTP/2 metamask.consensys.net/page-data/institutions/page-data.json
IP 185.199.109.153:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash c5db551bc88d417af55176912cf3a39a
f9ff1b776f895efa445544886b0f83b3ae1df2d4
9670ad3d9bfd2ed1e55f4b601caa8d7281d02cde1efc16735550064dd81b410a
Analyzer Verdict Alert fortinet Phishing
GET /page-data/institutions/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-4593a"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 805E:A8BE:14D9622:15C3275:63D7928C
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.999168,VS0,VE164
vary: Accept-Encoding
x-fastly-request-id: b358edb723d5221b1d9e248c8ea4b88c158ddfa9
content-length: 75412
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff57d053c-9c4b-473c-bba7-21efecd434c5.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff57d053c-9c4b-473c-bba7-21efecd434c5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0b485aec4da73d34c0e9f038d397871d
aa98f1d472d9ac390270d49e7c1e0ed480760ee9
4add6befb6fd5b1ca37f68e3303e2ac14db1ac36b8c065f87e1f9f3ace5b4e23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff57d053c-9c4b-473c-bba7-21efecd434c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5298
x-amzn-requestid: b58aa40f-ae16-45e3-93d1-9ed4711838e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEsHdNoAMF3Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-0c22a0aa70c34bab594597fc;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5l02cxyNKYZgxK5JRuVPWaModkreUo39kBm51Ck6fm4svKtE75Q7qQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:04:23 GMT
age: 42277
etag: "aa98f1d472d9ac390270d49e7c1e0ed480760ee9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 43058
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 42573
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
34.120.237.76200 OK 3.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XbMeLjDaYoPiw42pUbszzOEqWeUdx01NI6zVLJFgp0r3B_2dHHxX-w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 41835
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.acsbapp.com/cache/app/en.build.json
83.229.67.229200 OK 26 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP 83.229.67.229:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash 0e5a9d6b937f87fe7f96de3be6a04eff
6ca319a97da6139b0871fb1b443e5052f448cafe
d868885a573ada5f0f0adf65d24b35aae45b18aa95a153b2b9e7389877c5af6e
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Origin: https://metamask.consensys.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 09:49:00 GMT
content-type: application/json
last-modified: Sat, 28 Jan 2023 19:02:03 GMT
etag: "3bb7f-63d5712b-127308840042964f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25923
date: Mon, 30 Jan 2023 09:49:00 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
metamask.consensys.net/component---src-pages-download-js-0152698db87ed7632942.js
185.199.109.153200 OK 1.7 kB URL HTTP/2 metamask.consensys.net/component---src-pages-download-js-0152698db87ed7632942.js
IP 185.199.109.153:0
File type ASCII text, with very long lines (4785)
Hash e7f3dd3f78f2d0e714e1d468364b13fe
6f2a3ccfd499bfa26683d443d988614e6ed88100
08266bf334c2450cf4723dd799ec4795a9e658873baf583c0ac149156e9a0deb
Analyzer Verdict Alert fortinet Phishing
GET /component---src-pages-download-js-0152698db87ed7632942.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151; _gat=1; ln_or=eyI0NTEzOTMiOiJkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1304"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 85CA:262F:21F2500:236BF62:63D7928C
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.219749,VS0,VE398
vary: Accept-Encoding
x-fastly-request-id: 8e564048d47edcc9b85f0c0ac3c9d2c5b4c694d0
content-length: 1743
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&35372fde-495e-43ca-89b4-c6fd9a2cb291"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 09:49:00 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675072140:t=1675158540:v=2:sig=AQEpi4u-hxMipspcNPnvDQ4Du0i39TGA"; Expires=Tue, 31 Jan 2023 09:49:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/qpK07SGma33cPPQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3A2748BF889746E49D242B463FC4370E Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:49:00Z
date: Mon, 30 Jan 2023 09:48:59 GMT
content-length: 0
X-Firefox-Spdy: h2
web1.acsbapp.com/apps/app/dist/media/logomono.svg
138.128.247.123200 OK 1.2 kB URL HTTP/2 web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP 138.128.247.123:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350
GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 30 Jan 2024 09:49:00 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Mon, 30 Jan 2023 09:49:00 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2
images.ctfassets.net/9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg
54.230.111.2200 OK 0 B URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg
IP 54.230.111.2:0
GET /9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 14 Jun 2022 02:40:32 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 04:16:30 GMT
cache-control: max-age=31536000
etag: W/"7ab1520d2f60ffff326be5e95af56b94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wopqIPJWh9v5nhWcGvWcBwop2QL_wClR2cALNazyqSI4sNK26HP9Xg==
age: 19950
X-Firefox-Spdy: h2
images.ctfassets.net/9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg
54.230.111.2200 OK 0 B URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg
IP 54.230.111.2:0
GET /9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:32:54 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 06:05:48 GMT
cache-control: max-age=31536000
etag: W/"46fb450c5ecf6da758bca0975551f056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G_07P0TdReNKlNactqMGZfNyO0GgzOuLKqKpPySFWrKk91NP0piy2w==
age: 14215
X-Firefox-Spdy: h2
images.ctfassets.net/9sy2a0egs6zh/78HoDbPwuWz8M6er6joJdE/c440f3e5d7262a424f13da69a46e958a/wallet-illo.svg
54.230.111.2200 OK 0 B URL HTTP/2 images.ctfassets.net/9sy2a0egs6zh/78HoDbPwuWz8M6er6joJdE/c440f3e5d7262a424f13da69a46e958a/wallet-illo.svg
IP 54.230.111.2:0
GET /9sy2a0egs6zh/78HoDbPwuWz8M6er6joJdE/c440f3e5d7262a424f13da69a46e958a/wallet-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:35:03 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 05:33:25 GMT
cache-control: max-age=31536000
etag: W/"63ad7f01f67accd6aafb47999640abe5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gJqePMdEb6l8uRv5p_32T_5HlBfY1KQ9CRB3bvn2l_pRTs4yQnxGQQ==
age: 16639
X-Firefox-Spdy: h2
www.youtube.com/iframe_api
142.250.74.110200 OK 0 B URL HTTP/2 www.youtube.com/iframe_api
IP 142.250.74.110:0
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 30 Jan 2023 09:48:58 GMT
date: Mon, 30 Jan 2023 09:48:58 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Y_pQ1re03_4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRNNE1EQTFNVE0zTmpNNU5UY3lNQT09EIql3p4GGIql3p4G; Domain=.youtube.com; Expires=Sat, 29-Jul-2023 09:48:58 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5K5h32nJEpk; Domain=.youtube.com; Expires=Sat, 29-Jul-2023 09:48:58 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+513; expires=Wed, 29-Jan-2025 09:48:58 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2