Report - metamask.consensys.net/

Report Overview

Submitted URL
metamask.consensys.net/
IP
185.199.110.153
ASN
#54113 FASTLY
Submitted
2023-01-30 09:49:08
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
58

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-13T06:00:13Z	341 B	993 B	93.184.220.29
acsbapp.com	5220	2020-08-14T07:49:08Z	2023-03-13T08:13:31Z	377 B	144 kB	83.229.67.229
script.hotjar.com	887	2020-11-05T17:23:46Z	2023-03-13T07:54:54Z	391 B	69 kB	54.230.111.79
www.youtube.com	90	2013-04-13T09:43:20Z	2023-03-13T05:09:12Z	368 B	1.4 kB	142.250.74.110
cdn.acsbapp.com	5589	2020-08-16T08:12:24Z	2023-03-13T08:45:46Z	869 B	27 kB	83.229.67.229
metamask.consensys.net	unknown	2022-01-28T09:20:57Z	2023-01-30T07:36:29Z	13 kB	1.6 MB	185.199.108.153
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.4 kB	6.2 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.1 kB	4.2 kB	142.250.74.131
snap.licdn.com	1044	2014-10-06T10:43:45Z	2023-03-13T05:12:55Z	388 B	5.1 kB	23.36.76.210
vars.hotjar.com	1014	2020-11-05T11:13:14Z	2023-03-12T19:56:22Z	512 B	1.7 kB	54.230.111.75
www.linkedin.com	608	2015-06-18T18:10:03Z	2023-03-13T05:12:57Z	525 B	2.5 kB	13.107.42.14
cdn.linkedin.oribi.io	unknown	2022-10-19T16:36:39Z	2023-03-13T05:12:57Z	448 B	478 B	54.230.111.112
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	52 kB	34.120.237.76
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
images.ctfassets.net	4623	2017-09-20T18:27:05Z	2023-03-13T05:14:25Z	2.9 kB	76 kB	54.230.111.2
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	388 B	70 kB	142.250.74.72
i.ytimg.com	109	2012-10-03T19:11:04Z	2023-03-13T08:43:01Z	409 B	19 kB	142.250.74.118
px.ads.linkedin.com	522	2018-06-15T13:29:56Z	2023-03-13T07:16:10Z	1.4 kB	3.2 kB	13.107.42.14
static.hotjar.com	641	2014-11-01T06:14:27Z	2023-03-13T05:12:51Z	384 B	5.3 kB	54.230.111.113
web1.acsbapp.com	37191	2021-03-10T10:46:33Z	2023-02-13T13:20:39Z	412 B	1.6 kB	138.128.247.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-30	medium	metamask.consensys.net/	Phishing
2023-01-30	medium	metamask.consensys.net/	Phishing
2023-01-30	medium	metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js	Phishing
2023-01-30	medium	metamask.consensys.net/29107295-3224358509236f95435e.js	Phishing
2023-01-30	medium	metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js	Phishing
2023-01-30	medium	metamask.consensys.net/styles-407fe62976dc5310c43e.js	Phishing
2023-01-30	medium	metamask.consensys.net/app-a0525f96a575de0f977c.js	Phishing
2023-01-30	medium	metamask.consensys.net/commons-a27fd9eff92e23d4d790.js	Phishing
2023-01-30	medium	metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/sq/d/2468095761.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/index/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/sq/d/2682959621.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/app-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/fonts/EuclidCircularB-Bold-WebXL.woff2	Phishing
2023-01-30	medium	metamask.consensys.net/fonts/EuclidCircularB-Regular-WebXL.woff2	Phishing
2023-01-30	medium	metamask.consensys.net/121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js	Phishing
2023-01-30	medium	metamask.consensys.net/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282	Phishing
2023-01-30	medium	metamask.consensys.net/14-a22f24b34fcfe8148bb3.js	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/buy-crypto/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/about/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/snaps/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/1559/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/news/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/swaps/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/flask/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/download/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/faqs/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/page-data/institutions/page-data.json	Phishing
2023-01-30	medium	metamask.consensys.net/component---src-pages-download-js-0152698db87ed7632942.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (28)

	URL	Size	First Seen	Last Seen
	metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js	4.4 kB	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash 7a772781b8eab7deb4abcef495a957d1 a4c4fdc17695f41554420803d3a843837f2472cf 3a0e9dd640ce43bd6b338f62516d367db4325be4f718ac35791c4dfa98f2912b Loading...

	metamask.consensys.net/	327 B	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash a12cf35aae343fc14574da992dd6d7e5 145301de42b355efdf641d22ea1976032a065f81 f0c4363cb6bb456e4b2077b02530d6ad39d18a0eac3df630cc90ae3274838fec Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html	2.3 kB	2023-03-13	2023-03-13
Pretty URL vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html IP 54.230.111.75 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:21:05 Last Seen2023-03-13 12:30:58 Times Seen1 Hash 983620ba38875e5ee386529259dcd4d2 f6cf706d0835241f7d6d7ca2c4a126c2b4a7540f aaca3fba5e0e8f5569b2435197b4fca0bc7105ab10d186c7d115a43ddb136050 Loading...

	metamask.consensys.net/	1.2 kB	2023-03-07	2024-04-21
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:10:27 Last Seen2024-04-21 10:42:27 Times Seen123 Hash d166448bbab68e8bd7c9d83e885dad28 10d3deaed63e80738656da29cbdd04c96df2222e f4c02bc5ca0269c94b448680f554808620de5af1612166b0c6be4256053ed15a Loading...

	metamask.consensys.net/styles-407fe62976dc5310c43e.js	117 B	2023-03-07	2024-04-18
Pretty URL metamask.consensys.net/styles-407fe62976dc5310c43e.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:25:55 Last Seen2024-04-18 23:58:03 Times Seen85 Hash 6fb71a03e6e04f04a2142d3cd51c5a03 f217851828b8f5fb31f21476d0e2afea2cdf5d26 cf78e3bcf3150d9c1c3b4be5a3f8874e83dabebadebb9374cb607e2cb260e996 Loading...

	metamask.consensys.net/	40 B	2023-03-07	2024-04-26
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:24 Last Seen2024-04-26 17:37:07 Times Seen587 Hash 191d5df2a4ba594130fc7503f72d3bf9 d28ea5177714a531bfa228bfed4c21107931e422 7a0a5b96eaa40fc353d1b6376d6cbbada33db5120c91f5166e8ab463c2aab059 Loading...

	metamask.consensys.net/	1.1 kB	2023-03-07	2024-04-18
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:12 Last Seen2024-04-18 23:58:03 Times Seen21 Hash d609b65a619457893aba7aa524389e28 416836d49ec7c2ed155c6e068ec63efe6802ca08 8fd94bbd17a3bfbb34d1068b136c74cfa7c9fd384068e47d542a2d517280d05d Loading...

	metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js	23 kB	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash b51b1d776fc30c48a8da9c48c820d2d8 89d21217c682078ecd36b6d5d70b322a21c23300 cbfb30862094d8288a06de327b43f130613d46f016ae5393ed0ec4d4111fce9f Loading...

	www.youtube.com/iframe_api	1.0 kB	2023-03-12	2023-03-13
Pretty URL www.youtube.com/iframe_api IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:51:59 Last Seen2023-03-13 12:17:58 Times Seen1 Hash af09d3bbe3f41df9d8abc4d4a67be856 73f2f68253e58c9119b7cc40e5af5c4c1fcae709 0f67626a7f95163cb1cb222445011c0c5c55ce9e647659d24d6287bbec172757 Loading...

	metamask.consensys.net/	433 B	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash a58077d41fffcf516e7bfbd9843aadec d185e589688a60683450ce7aed06c16c7927a6a2 d8afb7a71742ee1bb81e12ad2bdf4674675822f827121d6d89af1d690a8189f0 Loading...

	metamask.consensys.net/	509 B	2023-03-07	2024-04-18
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:17:12 Last Seen2024-04-18 23:58:03 Times Seen19 Hash 1e40756a23513b43e7f9b2306759d906 8eac91aa05ca32f24dcb761b25148ebe5bd6ab02 a7b18ce49d3a0dfd2d8cbb480514d13df5250a1969d8d107b8056fe51511aa14 Loading...

	snap.licdn.com/li.lms-analytics/insight.min.js	13 kB	2023-03-12	2024-03-30
Pretty URL snap.licdn.com/li.lms-analytics/insight.min.js IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 18:01:01 Last Seen2024-03-30 11:38:49 Times Seen5925 Hash b846c9d158853dd4aa95d3d7407ed8bb 2cf0eb02a22e8bd80d19a50a84593420d777d5db f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f Loading...

	metamask.consensys.net/	568 B	2023-03-11	2024-04-18
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 08:55:53 Last Seen2024-04-18 23:58:03 Times Seen16 Hash ac4c1487b0dec0071e082c4eedea3f8c d2aa98127da64572786c58510be525cf2318d8ae 44a98bf3661626755e647e0f1174a3c3b86712b5f0b6c9894a999812af02f41f Loading...

	metamask.consensys.net/29107295-3224358509236f95435e.js	73 kB	2023-03-07	2024-04-18
Pretty URL metamask.consensys.net/29107295-3224358509236f95435e.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:39:01 Last Seen2024-04-18 23:58:02 Times Seen55 Hash ae4c29c17991e3c8f1cac8b8d38c0e50 bf089e4d851f65453aff80213d79cbd13ab35b2c 070f12c1e7ce03beff27486caa898c8bd9b7b962a7f9b354b9018882ae49c6e0 Loading...

	metamask.consensys.net/	197 B	2023-03-07	2024-04-26
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:39:52 Last Seen2024-04-26 19:35:20 Times Seen1787 Hash 33da6fbd440964f02ed4bfe1d0919874 7b2a563fe1eabd7c1b7caafd938e23c622105075 e27c41c2f1adae8906364a83d8ec4eb7c634ecfedc6891e4d34b06c233581792 Loading...

	www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js	188 kB	2023-03-12	2023-03-13
Pretty URL www.youtube.com/s/player/4248d311/www-widgetapi.vflset/www-widgetapi.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:41:10 Last Seen2023-03-13 13:25:08 Times Seen1 Hash 15f73f93d6e336c167d55eaa801fcd52 e4c4822c25c4948890c1a41826c6e3f0902e2d5a 79fd5090a5c6183320b1f33277853bae56cf68f320de8f7d68be080d2cae837c Loading...

	static.hotjar.com/c/hotjar-2980129.js?sv=6	7.8 kB	2023-03-13	2023-03-13
Pretty URL static.hotjar.com/c/hotjar-2980129.js?sv=6 IP 54.230.111.113 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash 9b6cd9e455439ca56e828418a850d119 e10d46af472a7b361e5e6c719c7f116ace82a326 331495de4094233160cc5ebfb74d66d09b9a7acba8d63226f31e3bb737f0b6cd Loading...

	metamask.consensys.net/14-a22f24b34fcfe8148bb3.js	32 kB	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/14-a22f24b34fcfe8148bb3.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash 26e0ef87d636ad30edfc5dc89a1c2e9f 9215a7a66d3766ae0e85105c2e17f865b554f84e b32541b7c3e414d855f801fed8c62063c8f01eef914bf378b95b1d639f08906c Loading...

	metamask.consensys.net/5-dfcf9e74da29b125064b.js	3.7 kB	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/5-dfcf9e74da29b125064b.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash de38a2b88eabeed4fa5910cf9abb73c7 c50a01d3274e52e2265f7baaebaa54425a997250 bd7d7abf921839706b656742b2b2ec9ec6c1e1e16278c65d7b16bbfb1c44c11a Loading...

	metamask.consensys.net/	656 B	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash efa38d1d9328f7e425cadf726099e078 75eb4cafd7d52a0a4706d9a49353f0f59829fe5a 3f65402f70e39ed72766fc83c5c9b1053ac8e51154dc5de32114afc990732921 Loading...

	unknown	0 B	2023-03-07	2024-04-27
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-27 03:01:28 Times Seen37109629 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js	7.0 kB	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash 4667d9422dece135eed8480a7061c598 c81a6a865ac4d48025aa659e10a1d7e1d2bc8216 b3a604a8d9ff92e2b2d0543bd2234f208f6467f7ca5320816a47ebc99b4a9ed0 Loading...

	www.youtube.com/iframe_api	992 B	2023-03-12	2023-03-13
Pretty URL www.youtube.com/iframe_api IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:41:10 Last Seen2023-03-13 13:25:08 Times Seen1 Hash dce42b4f9566d4f044fc55980010b167 854c477b5c09518076e7784e22fe2587a2984914 bff70cc67f36c252a4a1053f3047356ca99d93d7e37ff6fc0df8ad6b33ee530c Loading...

	metamask.consensys.net/	777 B	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/ IP 185.199.108.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash e5b26a07dd2fb4ebf0cfa5b0ece5a520 5739a862feb66768029072ef32c16679cab627f3 decfb83fbf64cab315894fc3c62dc244fc9c7fd8ba0e6975791b19f234d6cc32 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PKXX2FR	206 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PKXX2FR IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:58 Last Seen2023-03-13 12:17:58 Times Seen1 Hash 00e8b8491496125d8815728eb7d9a32c 01b7ec431cc789b8a243ef3f50dd44a8d3a21577 85476bcc9c81d01759ad4b013d277940f9d8f1e1277d4343dda9987d38da3f1d Loading...

	acsbapp.com/apps/app/dist/js/app.js	442 kB	2023-03-13	2023-03-13
Pretty URL acsbapp.com/apps/app/dist/js/app.js IP 83.229.67.229 ASN #36007 KAMATERA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:31:40 Last Seen2023-03-13 13:24:47 Times Seen1 Hash 82c4dc824a98a8e4e5982f0a1bfd505d 44c507fbd9760e6c9c9dcf0f9e69532907d88ed4 391fe66354f2079a119aeb661faca5539bd015f5ce5c2e13e76d8e6b15fdbb0a Loading...

	metamask.consensys.net/commons-a27fd9eff92e23d4d790.js	91 kB	2023-03-13	2023-03-13
Pretty URL metamask.consensys.net/commons-a27fd9eff92e23d4d790.js IP 185.199.109.153 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:17:59 Last Seen2023-03-13 12:17:59 Times Seen1 Hash bfc34caedf4d3495bffe7dee4df13e97 b0c40a7b750464207276e65598208f3c7695ef14 bf22da92a8510c6c8ead91b155c234a61b79c38c0f9f3e6513d98afeda199960 Loading...

HTTP Transactions (75)

URL IP Response Size

metamask.consensys.net/

185.199.108.153

301 Moved Permanently

162 B

URL HTTP/1.1
metamask.consensys.net/
IP
185.199.108.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Connection: keep-alive
Content-Length: 162
Server: GitHub.com
Content-Type: text/html
Location: https://metamask.consensys.net/
X-GitHub-Request-Id: BE06:0EE7:AC79EA:B4C92C:63D79289
Accept-Ranges: bytes
Date: Mon, 30 Jan 2023 09:48:57 GMT
Via: 1.1 varnish
Age: 0
X-Served-By: cache-bma1652-BMA
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1675072137.265907,VS0,VE189
Vary: Accept-Encoding
X-Fastly-Request-ID: 0275f1c3be70d50429d000f5a18cfaaec05a9ad3

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8257
Expires: Mon, 30 Jan 2023 12:06:34 GMT
Date: Mon, 30 Jan 2023 09:48:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10520
Expires: Mon, 30 Jan 2023 12:44:17 GMT
Date: Mon, 30 Jan 2023 09:48:57 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5540
Expires: Mon, 30 Jan 2023 11:21:17 GMT
Date: Mon, 30 Jan 2023 09:48:57 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 09:35:42 GMT
content-type: application/json
age: 795
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: md7ukmmg9es+YyquW5X/CMiZ5jY/pXu9nKsnwbP9Bs6O2M6y6oRcNua7URBBrDMGmU8xpiohdBA=
x-amz-request-id: 3078T8GWDB02SEJJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 09:21:44 GMT
age: 1633
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 09:48:57 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

metamask.consensys.net/

185.199.109.153

200 OK

33 kB

URL HTTP/2
metamask.consensys.net/
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33631)
Size
33 kB (32738 bytes)
Hash
0cafab9a2b4befeaf827e3a78528b484
c9779a6b2e55976c49adff314d097264b7d37468
e08ee447085571d0642c903bece649a6fab79443b9fcf8762d63caf612dc443c

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: GitHub.com
content-type: text/html; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-28ea9"
expires: Mon, 30 Jan 2023 08:17:05 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4D6E:452F:20CC8B3:223FD70:63D77AA9
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:57 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675072138.626241,VS0,VE113
vary: Accept-Encoding
x-fastly-request-id: cc29d2f1da59cf7f80dbf1ab5ffa3e7b3b66a207
content-length: 32738
X-Firefox-Spdy: h2

metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js

185.199.109.153

200 OK

1.9 kB

URL HTTP/2
metamask.consensys.net/webpack-runtime-1b41a958b9e8199e5fd7.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4329)
Size
1.9 kB (1925 bytes)
Hash
055f2e207ca00863fdc90d1be4d92103
ae8ad9279964e6622479c3b5be0da0eeeff7336b
00947e4dbb3e2172b122067164d4381830367ae3fb61259274111a01d926c3b3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /webpack-runtime-1b41a958b9e8199e5fd7.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-112a"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 2E4C:0B48:1ACF190:1BFD4ED:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.912040,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 35ff7ca1d5b280372f2ca6c508829d69a72318f4
content-length: 1925
X-Firefox-Spdy: h2

metamask.consensys.net/29107295-3224358509236f95435e.js

185.199.109.153

200 OK

25 kB

URL HTTP/2
metamask.consensys.net/29107295-3224358509236f95435e.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65249)
Size
25 kB (25238 bytes)
Hash
4b31de3678e463e4d21b4950ba9955d7
6b2e82654a0e4410bca6c06ddd06d8f07aa5b585
4452b7ddfe298390113dc3ccbdf03ae090e4b9c3a2b7781d8d700dfbc075f284

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /29107295-3224358509236f95435e.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-11b85"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6672:AB49:2282E19:23FCEE9:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.915073,VS0,VE116
vary: Accept-Encoding
x-fastly-request-id: 5a0eb364fb5d61be979613451588a5b24126bbc5
content-length: 25238
X-Firefox-Spdy: h2

metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js

185.199.109.153

200 OK

8.3 kB

URL HTTP/2
metamask.consensys.net/framework-a8ceb9e565121e1d4bfa.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (22834)
Size
8.3 kB (8347 bytes)
Hash
554277747eb3c1615c020293ee348265
12d0301989ca57644083afd8e8f91fcc75a1d997
73b892a388dd28dea50cb626512dab504060149e608fc639a86aebdc83b926a5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /framework-a8ceb9e565121e1d4bfa.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-596d"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6774:BFE8:22785BF:23F287D:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.912781,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 45ec6daa5b65c415d403798e0c5e4d4a8c23617c
content-length: 8347
X-Firefox-Spdy: h2

metamask.consensys.net/styles-407fe62976dc5310c43e.js

185.199.109.153

200 OK

117 B

URL HTTP/2
metamask.consensys.net/styles-407fe62976dc5310c43e.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text
Size
117 B (117 bytes)
Hash
6fb71a03e6e04f04a2142d3cd51c5a03
f217851828b8f5fb31f21476d0e2afea2cdf5d26
cf78e3bcf3150d9c1c3b4be5a3f8874e83dabebadebb9374cb607e2cb260e996

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /styles-407fe62976dc5310c43e.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-75"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 304E:3359:16D8E3F:17D289D:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.914357,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 5a8b709b1acc6ed0b9de213b6db3968b71a72891
content-length: 117
X-Firefox-Spdy: h2

metamask.consensys.net/app-a0525f96a575de0f977c.js

185.199.109.153

200 OK

26 kB

URL HTTP/2
metamask.consensys.net/app-a0525f96a575de0f977c.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65453)
Size
26 kB (26473 bytes)
Hash
290cd8e37dc33e01f32c258fd7ad7d59
aff16295ad56dcb85711f1f7548e470b94f81c9b
13e63e160436c48655a2a063e23dc4412cc70f8fa0e2b54150a41808bd9d5fec

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /app-a0525f96a575de0f977c.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-14a5c"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 35C4:9089:56B345:5A9B87:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.913585,VS0,VE126
vary: Accept-Encoding
x-fastly-request-id: 91e5377cf3fb354c74f1e8c8fca689a71214a89e
content-length: 26473
X-Firefox-Spdy: h2

metamask.consensys.net/commons-a27fd9eff92e23d4d790.js

185.199.109.153

200 OK

30 kB

URL HTTP/2
metamask.consensys.net/commons-a27fd9eff92e23d4d790.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65438)
Size
30 kB (30544 bytes)
Hash
4ca119afa75569d9728b2081df508ef8
21401a776e80990b5bf05759f14ddbb29a1f8e74
5d3eebfeca08e7f4b5ada0ec6d55b95cd8a05c7c103187bf5758ab730c439f0e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /commons-a27fd9eff92e23d4d790.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1624d"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 3BBC:BFE8:22785BF:23F287E:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.915887,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 147b63e390aebaeff759a9dae71393f252839beb
content-length: 30544
X-Firefox-Spdy: h2

metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js

185.199.109.153

200 OK

3.0 kB

URL HTTP/2
metamask.consensys.net/component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (6930)
Size
3.0 kB (2984 bytes)
Hash
2c284f98cd1b45eb3afe58762dd89c31
c5f8f7aa962084f5be155b90ee4e9507bb272d1a
853102b96aefe9fc6982e0e9ebbfe270e8cc07456513f36ef79f051fd333a356

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /component---src-templates-contentful-layout-js-ace17a9dca4d7b347162.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1b72"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4A84:11B79:13320A5:141143B:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.917361,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 9ae80e23a880f65f05d0402b5a2fe4d7a7b6d689
content-length: 2984
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/sq/d/2468095761.json

185.199.109.153

200 OK

106 B

URL HTTP/2
metamask.consensys.net/page-data/sq/d/2468095761.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
106 B (106 bytes)
Hash
762e166643f9bf3c1f238d2f01d906be
dcb798643d96514bbb8bc002b3f4fc3385b3e134
6adf205a86e012f5f32ef595034953abeb6b2056f6424168318e571a56a3c09b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/sq/d/2468095761.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-6a"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: A3FA:B545:22DACEC:2455004:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.923690,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 0a33448029e33f00284cfa06715b67abaef5b897
content-length: 106
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/index/page-data.json

185.199.109.153

200 OK

24 kB

URL HTTP/2
metamask.consensys.net/page-data/index/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
24 kB (23741 bytes)
Hash
cec596eeb436d033804f48e0672d439f
d7b42f715d043f2ee2ea907127240dc274f4d0d0
12f443f35d96988fe76a1f888c23cb6aee4e46d6c6797e6e5b64824bef3d36a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/index/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-18db8"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: C044:10FD5:221F099:2398CAE:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.921136,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: 3e13372d1be8188f44c268ce90b7f2d7c210a2d2
content-length: 23741
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/sq/d/2682959621.json

185.199.109.153

200 OK

11 kB

URL HTTP/2
metamask.consensys.net/page-data/sq/d/2682959621.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65522), with no line terminators
Size
11 kB (10915 bytes)
Hash
1f7b2bb7e40c0b1795ed47d7d96de4d3
347bb20056eba77aaab0d93e0c682ed7298bf368
2e49b0cfe9e975f25586ea713fd7c573bbc9055bcd08815a8facc4928abc23fa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/sq/d/2682959621.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1a2dd"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 84C6:3359:16D8E3F:17D289F:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.925790,VS0,VE124
vary: Accept-Encoding
x-fastly-request-id: 271ec3d7a6902468d859103ca14bcbbb50cd2d78
content-length: 10915
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/app-data.json

185.199.109.153

200 OK

50 B

URL HTTP/2
metamask.consensys.net/page-data/app-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text
Size
50 B (50 bytes)
Hash
b22a39168ee9681a17075e59761bedca
fdc25c76eed49cc551355604f928f4074f8ad6df
6caa6b702b17a7497e630749aa7c08b64046d519145d03822e089f4061945ae3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/app-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-32"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 4486:11B79:13320A7:141143D:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.944240,VS0,VE108
vary: Accept-Encoding
x-fastly-request-id: e721dd51e1666ac9d0cf3ba0c12794872dc2898e
content-length: 50
X-Firefox-Spdy: h2

metamask.consensys.net/fonts/EuclidCircularB-Bold-WebXL.woff2

185.199.109.153

200 OK

44 kB

URL HTTP/2
metamask.consensys.net/fonts/EuclidCircularB-Bold-WebXL.woff2
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-ae00"
expires: Mon, 30 Jan 2023 09:58:58 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1894:DD43:22667F7:23E0A59:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.947913,VS0,VE114
vary: Accept-Encoding
x-fastly-request-id: 47b199b7fdb2ea6a2a1ce0423d39919a0aef0086
content-length: 44544
X-Firefox-Spdy: h2

images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp

54.230.111.2

200 OK

52 kB

URL HTTP/2
images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
52 kB (52080 bytes)
Hash
e0b964ce8a22e37761e5c42b18cb810d
e57271a70e23f87d190556582831c2f91fd4a468
0a7b892b315f0dfecb0edfe9948c2925ebe11e6bb5b0c667bf870ff6ae84772c

HTTP Headers

GET /9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 52080
last-modified: Wed, 11 Jan 2023 01:13:35 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 30 Jan 2023 02:19:10 GMT
cache-control: max-age=31536000
etag: "e0b964ce8a22e37761e5c42b18cb810d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GPcFfgmrej0jCNfd8Jsrpz3tqoBVoLvkJfiPJigzIDWPpyeyDkM28Q==
age: 26988
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ce1fd91d2179b7bf172f2a7a06e90350
35531bf84512254dd147f3299a95f037b6d8f751
5b160d0d93fb0033edd3970f69dad2ae46e0f93a61977020450927a7deac40f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

images.ctfassets.net/9sy2a0egs6zh/3QUMobP9FN0FgMgyeOg2bX/b92de4778c111566352320823cd9b805/mm-learn.png?w=768&q=100&fm=webp

54.230.111.2

200 OK

9.2 kB

URL HTTP/2
images.ctfassets.net/9sy2a0egs6zh/3QUMobP9FN0FgMgyeOg2bX/b92de4778c111566352320823cd9b805/mm-learn.png?w=768&q=100&fm=webp
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image\012- data
Size
9.2 kB (9238 bytes)
Hash
7ee2ceeeca4c971dbb733daa4d73bd1e
994f1db2cbfb4df130d3f7be35d2b8bf7f5accd9
f8fd2106a97f85fbcd1a1c96b529b44b2ada436b7f5da893370e4dcf3a32907c

HTTP Headers

GET /9sy2a0egs6zh/3QUMobP9FN0FgMgyeOg2bX/b92de4778c111566352320823cd9b805/mm-learn.png?w=768&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 9238
etag: "7ee2ceeeca4c971dbb733daa4d73bd1e"
last-modified: Mon, 30 Jan 2023 07:21:51 GMT
date: Mon, 30 Jan 2023 07:49:34 GMT
cache-control: max-age=31536000
server: Contentful Images API
access-control-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: c6oDr2gZI4hS_g8BduUBefhRk_RS7T3QDoQMHxIdI8ioOcRuPrNSWg==
age: 7164
X-Firefox-Spdy: h2

i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp

142.250.74.118

200 OK

18 kB

URL HTTP/2
i.ytimg.com/vi_webp/YVgfHZMFFFQ/sddefault.webp
IP
142.250.74.118:0
ASN
#15169 GOOGLE

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 640x480, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
18 kB (18434 bytes)
Hash
d288755975f12c1b804cce683a56b56b
af27df3ca58c18ccfa231b3ad5089e11b29fb4e1
f27731898ea8846c9a9f428fb8cbe2da7c832a4bb6032af7b4b7f0c64f81de55

HTTP Headers

GET /vi_webp/YVgfHZMFFFQ/sddefault.webp HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/webp
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 18434
date: Mon, 30 Jan 2023 09:48:58 GMT
expires: Mon, 30 Jan 2023 11:48:58 GMT
cache-control: public, max-age=7200
etag: "1582837014"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-PKXX2FR

142.250.74.72

200 OK

69 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PKXX2FR
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (18907)
Size
69 kB (69135 bytes)
Hash
b3f474488dcdf5a4ec764eb3ed484a97
e3b5d82027e96df91d4503ec7b874f014ec8664f
720ecc3548c44dd23898189e39a81cfd0f9b776a383f2bdd17bc2fef13c3422b

HTTP Headers

GET /gtm.js?id=GTM-PKXX2FR HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 30 Jan 2023 09:48:58 GMT
expires: Mon, 30 Jan 2023 09:48:58 GMT
cache-control: private, max-age=900
last-modified: Mon, 30 Jan 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 69135
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamask.consensys.net/fonts/EuclidCircularB-Regular-WebXL.woff2

185.199.109.153

200 OK

45 kB

URL HTTP/2
metamask.consensys.net/fonts/EuclidCircularB-Regular-WebXL.woff2
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: font/woff2
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-b08c"
expires: Mon, 30 Jan 2023 09:58:58 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 1D22:A8BE:14D94DE:15C3127:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.947041,VS0,VE335
vary: Accept-Encoding
x-fastly-request-id: bc96f7ba5750516d0c5fb73f00dceba17313df72
content-length: 45196
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

727 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
727 B (727 bytes)
Hash
b03dc6f6a9ff7dcd39bbc4dde709d434
7fa1906b24c8ad2141f48729c7ee34138fe8511f
5a8e77d3760aa3723e321da1d93feedb57d37c92b80274a0ac5a3a27dd3cf6bf

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5873
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Last-Modified: Mon, 30 Jan 2023 08:11:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 727

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ce1fd91d2179b7bf172f2a7a06e90350
35531bf84512254dd147f3299a95f037b6d8f751
5b160d0d93fb0033edd3970f69dad2ae46e0f93a61977020450927a7deac40f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 09:41:41 GMT
age: 437
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5507
Expires: Mon, 30 Jan 2023 11:20:45 GMT
Date: Mon, 30 Jan 2023 09:48:58 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 30 Jan 2023 09:48:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

metamask.consensys.net/121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js

185.199.109.153

200 OK

691 kB

URL HTTP/2
metamask.consensys.net/121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (65417)
Size
691 kB (691072 bytes)
Hash
e826d61a99b0b315d95a50a28e75f217
eb2a6892a3d4f22eb0443f137b4d0febea6d5930
3c604d53ac9726f11e80d8c0d7e5d4d66ca7e1b0ae2e08cb9cc2c9e30acfe5ea

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /121cd9c2bdc4dd8c8ec9ead858719809d6d18de3-bf3069aa2870b9b75ba3.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-22ba86"
expires: Mon, 30 Jan 2023 09:58:57 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1F84:0B48:1ACF190:1BFD4EE:63D79289
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:58 GMT
via: 1.1 varnish
age: 1
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072138.916542,VS0,VE687
vary: Accept-Encoding
x-fastly-request-id: f137920ea9af31ea3fe28fb2d63e97c9b1508241
content-length: 691072
X-Firefox-Spdy: h2

acsbapp.com/apps/app/dist/js/app.js

83.229.67.229

200 OK

144 kB

URL HTTP/2
acsbapp.com/apps/app/dist/js/app.js
IP
83.229.67.229:0
ASN
#36007 KAMATERA

File type
Unicode text, UTF-8 text, with very long lines (61915), with no line terminators
Size
144 kB (143894 bytes)
Hash
c16c1de20c24aabaaf524bf48e2e2316
89b23e434f3e7f32a261e0ce7e4d34d8bb78f467
dd6dfc51d230a938278450fa5cb31fb0aaf040f040a0ba189c05648e54dc20a2

HTTP Headers

GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 09:48:58 GMT
content-type: application/x-javascript
last-modified: Thu, 26 Jan 2023 13:36:03 GMT
etag: "6bcef-63d281c3-678819b673a2fdb4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 143894
date: Mon, 30 Jan 2023 09:48:58 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

snap.licdn.com/li.lms-analytics/insight.min.js

23.36.76.210

200 OK

4.8 kB

URL HTTP/2
snap.licdn.com/li.lms-analytics/insight.min.js
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (13351)
Size
4.8 kB (4777 bytes)
Hash
74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c

HTTP Headers

GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=75593
date: Mon, 30 Jan 2023 09:48:59 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2

metamask.consensys.net/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282

185.199.109.153

200 OK

4.2 kB

URL HTTP/2
metamask.consensys.net/icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4210 bytes)
Hash
7688ebe09d93b68eb4a23536f7b7aefb
5b33f4a405eb2f178146d1016fbf2046c1c77866
918a76a5bebc21af888b92725ad9207b7c6886f6035d5b5115999251b58ba9e8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /icons/icon-48x48.png?v=48400a28770e10dd52a8c0e539aeb282 HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: image/png
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: "63d7746b-1072"
expires: Mon, 30 Jan 2023 09:58:58 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 63C0:676F:172AE0D:181F92D:63D7928A
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072139.905912,VS0,VE110
vary: Accept-Encoding
x-fastly-request-id: 3a66a50eb90b53498a0582d19d833b0b5b758c32
content-length: 4210
X-Firefox-Spdy: h2

images.ctfassets.net/9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg

54.230.111.2

200 OK

11 kB

URL HTTP/2
images.ctfassets.net/9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Size
11 kB (11091 bytes)
Hash
b6301a0f3b2e09643ed4fbe745ab70b6
6fbe55f5eda5c41fc2b8a4a9bc700c02f2707570
cd1fc6d832e942f9b755258fc519fba781ed1018433635e19b95c4236e45d16c

HTTP Headers

GET /9sy2a0egs6zh/Cgl4g0Z2URG5PhRXT7CjP/54984377c95ba08d7aa5b36acb038b61/Browse-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:25:00 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 05:33:25 GMT
cache-control: max-age=31536000
etag: W/"afeafb6a9f14bd7771c63015be5a05c9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nVkCbevLrYtc9V03q1IOI6tFMZKHNaTgKvmAQ3s9ztMbOiSr0gfL2g==
age: 20574
X-Firefox-Spdy: h2

vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html

54.230.111.75

200 OK

1.0 kB

URL HTTP/2
vars.hotjar.com/box-fc6c0cda90900662e5160cde908b3e86.html
IP
54.230.111.75:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2368), with no line terminators
Size
1.0 kB (1034 bytes)
Hash
c34915675a9e912c93dac934322be7d1
1d0c20a805821d76fdef8b95eace30ac659a9454
091ab4e6d3f86a5e7bc8c7c3e9805df420c13f77627902dd204abc1f28b6336d

HTTP Headers

GET /box-fc6c0cda90900662e5160cde908b3e86.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html
content-length: 1034
date: Fri, 27 Jan 2023 09:04:06 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "c34915675a9e912c93dac934322be7d1"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HPR3Q5vHDt8_PHH1Z6KQCZcPDn8gxTxUuOfmLjn7NJ82mKeDsz8_3w==
age: 261893
X-Firefox-Spdy: h2

script.hotjar.com/modules.dcdf252a9a6cf097c357.js

54.230.111.79

200 OK

68 kB

URL HTTP/2
script.hotjar.com/modules.dcdf252a9a6cf097c357.js
IP
54.230.111.79:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (48602)
Size
68 kB (68336 bytes)
Hash
4ab050de5a6437b8d1f5955ab1dbfb07
498e55a41dc3df84cf825bd946a1300a04b38677
87cbfe168c8537c46132cab67a16afe706796b7f301ac8dc5bd8f9ea847e4a72

HTTP Headers

GET /modules.dcdf252a9a6cf097c357.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 68336
date: Fri, 27 Jan 2023 09:04:05 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "4ab050de5a6437b8d1f5955ab1dbfb07"
last-modified: Fri, 27 Jan 2023 09:03:53 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bN7hS6oK7Retmt1xw17FZU40Rf8T_uYBbpeLpTNKoQIdr5GD4J8B-g==
age: 261894
X-Firefox-Spdy: h2

www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D451393%26conversionId%3D7543513%26fmt%3Dgif%26liSync%3Dtrue

13.107.42.14

302 Found

0 B

URL HTTP/2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D451393%26conversionId%3D7543513%26fmt%3Dgif%26liSync%3Dtrue
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fpid%3D451393%26conversionId%3D7543513%26fmt%3Dgif%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&63457c48-cc34-46f4-8a1f-139f86dc872d"; Domain=.linkedin.com; Expires=Tue, 30-Jan-2024 09:48:59 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230130094859d9c5c376-6f98-4611-877d-962ba78becc5AQGZ_cXxIxJbeZbWRnwNHr1mkERlZ7BR"; Domain=.www.linkedin.com; Expires=Tue, 30-Jan-2024 09:48:59 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzUwNzIxMzk7MjswMjEl/yJxoseWlc76/o8OMcwVz8phC28KilwxZUeegULalw==; Domain=.linkedin.com; Expires=Sat, 29 Jul 2023 09:48:59 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675072139:t=1675158539:v=2:sig=AQFkxH4B0b8Jdy9l7aUMde12agP8ylgu"; Expires=Tue, 31 Jan 2023 09:48:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/VpFMPKKDIhYBojQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F2DD05F4BAAA4BE89F501AC0C9D83550 Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:48:59Z
date: Mon, 30 Jan 2023 09:48:58 GMT
content-length: 0
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F

13.107.42.14

302 Found

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D451393%26time%3D1675072150569%26url%3Dhttps%253A%252F%252Fmetamask.consensys.net%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQIoshsFWfDh1QAAAYYCFHAb1GHLbOqrBEzN7AUmWJJpVxECT7COiFioJe5qXaDbNh2JOr3EVWMKBQ; Max-Age=2592000; Expires=Wed, 01 Mar 2023 09:48:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJoQ1AaNBnVIAAAAYYCFHAbqXljoqmRLMgAADcCpWRtMRNXjjqoS3NyGADilOd5INBc1beP_1T55iGd0AW_Pg; Max-Age=2592000; Expires=Wed, 01 Mar 2023 09:48:59 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&091f2daf-97bb-4654-88d5-ec8c845e2891"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 09:48:59 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2450:u=1:x=1:i=1675072139:t=1675158539:v=2:sig=AQFkJNzlJ9OFRozUe4rholp_FFLA34Vf"; Expires=Tue, 31 Jan 2023 09:48:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/V1H9R38y2GcdZMg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 89801207F57343E0BE19C721733A5247 Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:48:59Z
date: Mon, 30 Jan 2023 09:48:58 GMT
content-length: 0
X-Firefox-Spdy: h2

cdn.acsbapp.com/cache/app/metamask.consensys.net/config.json

83.229.67.229

200 OK

159 B

URL HTTP/2
cdn.acsbapp.com/cache/app/metamask.consensys.net/config.json
IP
83.229.67.229:0
ASN
#36007 KAMATERA

File type
JSON data\012- , ASCII text, with no line terminators
Size
159 B (159 bytes)
Hash
a587fd2cf4010a97ce949fd102c5c472
31af3d56dd12ae83ab439ffb784f793a6b9ef762
5eccee2c5dcfe657ae469b763369ed2a4ce15f136096954069cdf26ba7dcda0d

HTTP Headers

GET /cache/app/metamask.consensys.net/config.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Origin: https://metamask.consensys.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 09:48:59 GMT
content-type: application/json
last-modified: Mon, 30 Jan 2023 09:48:14 GMT
etag: "9f-63d7925e-b4fdeadb76f0971b;;;"
accept-ranges: bytes
content-length: 159
date: Mon, 30 Jan 2023 09:48:59 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

cdn.linkedin.oribi.io/partner/451393/domain/metamask.consensys.net/token

54.230.111.112

200 OK

62 B

URL HTTP/2
cdn.linkedin.oribi.io/partner/451393/domain/metamask.consensys.net/token
IP
54.230.111.112:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
62 B (62 bytes)
Hash
d39abb34da93ec5faa48669ac4788977
cc2627a86b99e91540251b6fb7e17a9b1faa1ee7
b329d16bd7e06de93beac4a9e4d67b8be6d1c944b7b8e398b929460f73b7c4ce

HTTP Headers

GET /partner/451393/domain/metamask.consensys.net/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamask.consensys.net
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
date: Mon, 30 Jan 2023 09:48:59 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 c2b101e67ac25a2f0013450d56ecac38.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oOhdEBRB3L0MciehSEGu0NXHWuh1KWcGiMoDw_1_GadWp17JxLjftQ==
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true

13.107.42.14

200 OK

65 B

URL HTTP/2
px.ads.linkedin.com/collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
GIF image data, version 89a, 1 x 1\012- data
Size
65 B (65 bytes)
Hash
8b0d5b18476ae12e2476f3621d54c4a5
2ad669e9d207fbb37e84dda25766dbaeb66d792c
2d7244b6960d26ae56f048f162f02949ca7858be19d9349ec82906e56dfa3cfe

HTTP Headers

GET /collect?pid=451393&conversionId=7543513&fmt=gif&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-length: 65
content-type: image/gif
content-encoding: gzip
vary: Accept-Encoding
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&15ddde23-4e75-466a-8312-2cfd3c72830e"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 09:48:59 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1675072139:t=1675158539:v=2:sig=AQEqFlGeqCdKdqqKA-Q-Yl7wQPNlKAq1"; Expires=Tue, 31 Jan 2023 09:48:59 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/czOPCDK38zYfYcA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C746170BAF5349F8806CF2C99017D6F5 Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:48:59Z
date: Mon, 30 Jan 2023 09:48:59 GMT
X-Firefox-Spdy: h2

metamask.consensys.net/14-a22f24b34fcfe8148bb3.js

185.199.109.153

200 OK

9.5 kB

URL HTTP/2
metamask.consensys.net/14-a22f24b34fcfe8148bb3.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (31941)
Size
9.5 kB (9459 bytes)
Hash
696ecef084c1e69ab1590aca5fdddee9
0cc04a0094ee39a099f0c9662448a75ea5dbb89d
28fa3a2726baab6acafa8a767df11a30e543c7d17576b8599acfa3a932f1726b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /14-a22f24b34fcfe8148bb3.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-7cf9"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 0C68:9B1B:1FD4405:2125519:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.784635,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 85285b6a35e27e474bd1e43c62a5c7dd98e86775
content-length: 9459
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2980129.js?sv=6

54.230.111.113

200 OK

4.7 kB

URL HTTP/2
static.hotjar.com/c/hotjar-2980129.js?sv=6
IP
54.230.111.113:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (7535)
Size
4.7 kB (4693 bytes)
Hash
131e35aa082b41dcb214a8b78faebfe8
8aa6ab247faf04f1013ba688a7a57a80488a0b09
3289ec24ce837c773802a22fc833c828cd6f80f44b59162111d39d4a1564abdf

HTTP Headers

GET /c/hotjar-2980129.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
content-encoding: br
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 09:48:59 GMT
cache-control: max-age=60
etag: W/9b6cd9e455439ca56e828418a850d119
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: v4HMC2R_r38nCm_aqS4WQI9Yy0JEYTsWdLCQ2Yzcy_4vr3xZ0KyGpw==
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/buy-crypto/page-data.json

185.199.109.153

200 OK

41 kB

URL HTTP/2
metamask.consensys.net/page-data/buy-crypto/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
41 kB (40662 bytes)
Hash
3c85d6a4ac0fff72886704721f4fdf83
a12bba826aaaf6795e92eb9b12b6b6753b1af6ef
2ae8fd7acd6c20c0da36e3fa4926bb7c13f5039541619effddf574e76efe8177

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/buy-crypto/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-2ca0c"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 447E:9B1B:1FD4407:212551D:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.795935,VS0,VE111
vary: Accept-Encoding
x-fastly-request-id: 3b35b94cb13ede29ac02eb719c4031a9276ac1dc
content-length: 40662
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/about/page-data.json

185.199.109.153

200 OK

14 kB

URL HTTP/2
metamask.consensys.net/page-data/about/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
14 kB (13775 bytes)
Hash
097da75d4af62436f3fa46bffcaacd57
864ce95ffce1c90f2eb9bd9ccbf039ca7e41f9be
ebe6ac71223c5d898937460daad45e6da0f16003dd2617f12763af51c6611c39

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/about/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-10942"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: DB2E:9002:149DFA3:1587BC0:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.790637,VS0,VE119
vary: Accept-Encoding
x-fastly-request-id: 20d8370c884e48d548d52809db419d4d9e1e883a
content-length: 13775
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/snaps/page-data.json

185.199.109.153

200 OK

33 kB

URL HTTP/2
metamask.consensys.net/page-data/snaps/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
33 kB (33184 bytes)
Hash
7d5a615a863848cb3c751efadc450394
7e857cd6e72125225bfbca6738e7be216b78dc4d
585cfcbb15a6c0deccc69ecf5963633517453d8fcb0ee0e37241fcbe06faa328

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/snaps/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-20fb0"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 6690:11B79:133219E:1411545:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.794136,VS0,VE117
vary: Accept-Encoding
x-fastly-request-id: 16fdfdf1e86abc893e1bfd243141ced301881ca2
content-length: 33184
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/1559/page-data.json

185.199.109.153

200 OK

26 kB

URL HTTP/2
metamask.consensys.net/page-data/1559/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
26 kB (26208 bytes)
Hash
7ec498e0ebc5fd6d7d213001b5815184
332bdf8f598c4a8dddf7482e6b3fd09ef60a0a20
945b42a536465869d3d7d5c8c7d7b193e7a87f9d78ba1a8e771d06727f1544bd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/1559/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1a28f"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: B284:DD43:22668D9:23E0B3E:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.795214,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: 3660be89044d0c4e143eaa9ab7b0ffde56164c50
content-length: 26208
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/news/page-data.json

185.199.109.153

200 OK

16 kB

URL HTTP/2
metamask.consensys.net/page-data/news/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
16 kB (15639 bytes)
Hash
2bf4695d11ad1302e51c6ae3a80adb3b
632d2289eef4c0addf25277202611bfa569c7a6d
66b90b8ff19ec03406950d9d621bcde5e50f6a8c99e346786185d3295ed6cf66

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/news/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-124ab"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1F7E:3359:16D8F0E:17D297E:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.796710,VS0,VE125
vary: Accept-Encoding
x-fastly-request-id: a4fd0f326f7767c0b022fd4f78f7f4e4e52b2835
content-length: 15639
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/swaps/page-data.json

185.199.109.153

200 OK

377 kB

URL HTTP/2
metamask.consensys.net/page-data/swaps/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
377 kB (376974 bytes)
Hash
bac6586cfedb2672a490b29eae1eecb7
48bf72a9da346f55549669040901a26903a9ba21
7fc1300055b7b4797ee89ed435353231b39485b4694d9cd34f0a50d0a82e4e78

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/swaps/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-13094c"
expires: Mon, 30 Jan 2023 09:58:59 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 35C4:9089:56B41D:5A9C6C:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:48:59 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.793214,VS0,VE167
vary: Accept-Encoding
x-fastly-request-id: 32ce6c242c7f707b36550a40b0d1ebb493686ad8
content-length: 376974
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/flask/page-data.json

185.199.109.153

200 OK

18 kB

URL HTTP/2
metamask.consensys.net/page-data/flask/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
18 kB (17676 bytes)
Hash
d21f67d66baef26817b73d1db9dd45ff
7185585d93339fcfdeb6bd582eba6eafeb53a4a9
089e999dc13c1c7570f742eb24e5c12ad2b5ad76f10e4c8e21a49e88099959f9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/flask/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-162a8"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1C0E:676F:172AE95:181F9B6:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.967691,VS0,VE115
vary: Accept-Encoding
x-fastly-request-id: 4d7c2bb6a123ee763730297266b301807f77fffd
content-length: 17676
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/download/page-data.json

185.199.109.153

200 OK

14 kB

URL HTTP/2
metamask.consensys.net/page-data/download/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
14 kB (14415 bytes)
Hash
d06b9b65d628119f6ad83d3cbc90fd38
118cbf680b8a8bf3481e6c514ec358626e7c0dc8
4e1d192017ca5e19bf009236261515c154b4ea03ff7471967867d77071d26874

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/download/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-115b6"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 1F7E:3359:16D8F2E:17D2999:63D7928B
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.967308,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: 6f8a5c859e9861a5fbbb324fab35caf2fc58ac17
content-length: 14415
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/faqs/page-data.json

185.199.109.153

200 OK

19 kB

URL HTTP/2
metamask.consensys.net/page-data/faqs/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
19 kB (19040 bytes)
Hash
a4e10439944fc7ae890cc1ece9b1ca22
819fe996a6dc063a69e556019ca3d935ee6753c3
c24565e025e7b80cfa3340034d6e75f8227517b2d56ff5152918439e58e81c6e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/faqs/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-15660"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 4A84:11B79:13321BC:141155B:63D7928C
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.998763,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: abfa22da7477cf2485267cb2cbaac634b094354d
content-length: 19040
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Mon, 30 Jan 2023 11:17:42 GMT
Date: Mon, 30 Jan 2023 09:49:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Mon, 30 Jan 2023 11:17:42 GMT
Date: Mon, 30 Jan 2023 09:49:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5322
Expires: Mon, 30 Jan 2023 11:17:42 GMT
Date: Mon, 30 Jan 2023 09:49:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11095 bytes)
Hash
bb1a5e0a2bb1cacf87189373c118adf4
079974268f755aa38fb2cb32b8bcb748353c793f
1b0519e6bfca30a31b83d427302f7e22140f5b2da6f13cac37ea9c07abc42676

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f96350b-0dd8-46ee-a270-85f96329b7c9.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11095
x-amzn-requestid: dc7c00e2-cd2d-4265-8763-3dd7dbe223ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkFyEhJIAMFjpw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f1-541a17c362e95dfa5e90f58f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UuPN6Nq84hFgUDMbvpLTysWfU1JcRiecGH3tkdqDOOXBo9hVhmpMBA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:52 GMT
age: 42548
etag: "079974268f755aa38fb2cb32b8bcb748353c793f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 17:35:56 GMT
age: 58384
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

metamask.consensys.net/page-data/institutions/page-data.json

185.199.109.153

200 OK

75 kB

URL HTTP/2
metamask.consensys.net/page-data/institutions/page-data.json
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
75 kB (75412 bytes)
Hash
c5db551bc88d417af55176912cf3a39a
f9ff1b776f895efa445544886b0f83b3ae1df2d4
9670ad3d9bfd2ed1e55f4b601caa8d7281d02cde1efc16735550064dd81b410a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /page-data/institutions/page-data.json HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/json; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-4593a"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 805E:A8BE:14D9622:15C3275:63D7928C
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.999168,VS0,VE164
vary: Accept-Encoding
x-fastly-request-id: b358edb723d5221b1d9e248c8ea4b88c158ddfa9
content-length: 75412
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff57d053c-9c4b-473c-bba7-21efecd434c5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5298 bytes)
Hash
0b485aec4da73d34c0e9f038d397871d
aa98f1d472d9ac390270d49e7c1e0ed480760ee9
4add6befb6fd5b1ca37f68e3303e2ac14db1ac36b8c065f87e1f9f3ace5b4e23

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff57d053c-9c4b-473c-bba7-21efecd434c5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5298
x-amzn-requestid: b58aa40f-ae16-45e3-93d1-9ed4711838e3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEsHdNoAMF3Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-0c22a0aa70c34bab594597fc;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 5l02cxyNKYZgxK5JRuVPWaModkreUo39kBm51Ck6fm4svKtE75Q7qQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:04:23 GMT
age: 42277
etag: "aa98f1d472d9ac390270d49e7c1e0ed480760ee9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7679 bytes)
Hash
3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VHh2SQ21xoDoBnGvM2kRiposhXuCE-DdWW1bM35kEykjbHYmhsldVA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:51:22 GMT
age: 43058
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.5 kB (8464 bytes)
Hash
fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: y6bDvcD7a3-A4DLC3cSdZT-yewV1kkFqcGr7AMuqvUeGA4A0pgF4wQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:59:27 GMT
age: 42573
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.7 kB (3678 bytes)
Hash
e8d680cbaee5ef3e7b8e09b174ed6ecf
6651a0d3041920798240ea67e827c3d458769fa9
4c74e8ebff95e67da678248d3dc1d3f42d98c8a0d33d54d9d2bde36314c9f952

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bfbdca6-432c-4f19-887a-3165827e4bc6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3678
x-amzn-requestid: 21cd1ae3-b769-418a-b7f8-5efa486db859
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEvE-RIAMFpmg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-6998009c289996563d78616a;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XbMeLjDaYoPiw42pUbszzOEqWeUdx01NI6zVLJFgp0r3B_2dHHxX-w==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:45 GMT
age: 41835
etag: "6651a0d3041920798240ea67e827c3d458769fa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.acsbapp.com/cache/app/en.build.json

83.229.67.229

200 OK

26 kB

URL HTTP/2
cdn.acsbapp.com/cache/app/en.build.json
IP
83.229.67.229:0
ASN
#36007 KAMATERA

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Size
26 kB (25923 bytes)
Hash
0e5a9d6b937f87fe7f96de3be6a04eff
6ca319a97da6139b0871fb1b443e5052f448cafe
d868885a573ada5f0f0adf65d24b35aae45b18aa95a153b2b9e7389877c5af6e

HTTP Headers

GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Origin: https://metamask.consensys.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 31 Jan 2023 09:49:00 GMT
content-type: application/json
last-modified: Sat, 28 Jan 2023 19:02:03 GMT
etag: "3bb7f-63d5712b-127308840042964f;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 25923
date: Mon, 30 Jan 2023 09:49:00 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

metamask.consensys.net/component---src-pages-download-js-0152698db87ed7632942.js

185.199.109.153

200 OK

1.7 kB

URL HTTP/2
metamask.consensys.net/component---src-pages-download-js-0152698db87ed7632942.js
IP
185.199.109.153:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (4785)
Size
1.7 kB (1743 bytes)
Hash
e7f3dd3f78f2d0e714e1d468364b13fe
6f2a3ccfd499bfa26683d443d988614e6ed88100
08266bf334c2450cf4723dd799ec4795a9e658873baf583c0ac149156e9a0deb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /component---src-pages-download-js-0152698db87ed7632942.js HTTP/1.1
Host: metamask.consensys.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://metamask.consensys.net/
Cookie: _ga=GA1.2.1195946238.1675072151; _gid=GA1.2.1949032592.1675072151; _gat=1; ln_or=eyI0NTEzOTMiOiJkIn0%3D
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: GitHub.com
content-type: application/javascript; charset=utf-8
x-origin-cache: HIT
last-modified: Mon, 30 Jan 2023 07:40:27 GMT
access-control-allow-origin: *
etag: W/"63d7746b-1304"
expires: Mon, 30 Jan 2023 09:59:00 GMT
cache-control: max-age=600
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 85CA:262F:21F2500:236BF62:63D7928C
accept-ranges: bytes
date: Mon, 30 Jan 2023 09:49:00 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1624-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675072140.219749,VS0,VE398
vary: Accept-Encoding
x-fastly-request-id: 8e564048d47edcc9b85f0c0ac3c9d2c5b4c694d0
content-length: 1743
X-Firefox-Spdy: h2

px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F&liSync=true

13.107.42.14

200 OK

0 B

URL HTTP/2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F&liSync=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /collect?v=2&fmt=js&pid=451393&time=1675072150569&url=https%3A%2F%2Fmetamask.consensys.net%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://metamask.consensys.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&35372fde-495e-43ca-89b4-c6fd9a2cb291"; domain=.linkedin.com; Path=/; Secure; Expires=Tue, 30-Jan-2024 09:49:00 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1675072140:t=1675158540:v=2:sig=AQEpi4u-hxMipspcNPnvDQ4Du0i39TGA"; Expires=Tue, 31 Jan 2023 09:49:00 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzeB/qpK07SGma33cPPQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3A2748BF889746E49D242B463FC4370E Ref B: OSL30EDGE0314 Ref C: 2023-01-30T09:49:00Z
date: Mon, 30 Jan 2023 09:48:59 GMT
content-length: 0
X-Firefox-Spdy: h2

web1.acsbapp.com/apps/app/dist/media/logomono.svg

138.128.247.123

200 OK

1.2 kB

URL HTTP/2
web1.acsbapp.com/apps/app/dist/media/logomono.svg
IP
138.128.247.123:0
ASN
#36007 KAMATERA

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Size
1.2 kB (1210 bytes)
Hash
5a1c5c803738f6acbab0a79379c92c10
9f4639325d9e8e69ccc2bfc30d0f83d7dd11cd79
04009697f389893748179c149cad7b1e399d23a2284637350fe07ad94ffa5350

HTTP Headers

GET /apps/app/dist/media/logomono.svg HTTP/1.1
Host: web1.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
cache-control: max-age=432000 public
expires: Tue, 30 Jan 2024 09:49:00 GMT
content-type: image/svg+xml
last-modified: Mon, 26 Sep 2022 21:02:04 GMT
etag: "1034-6332134c-7705bf7dfc5e498d;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1210
date: Mon, 30 Jan 2023 09:49:00 GMT
access-control-allow-origin: *
access-control-allow-headers: *
X-Firefox-Spdy: h2

images.ctfassets.net/9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg

54.230.111.2

200 OK

0 B

URL HTTP/2
images.ctfassets.net/9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /9sy2a0egs6zh/6pMllIhB6PaXHCfJTfJYlq/a3341f30db14c7a154fac58608caf67e/Firefox_Logo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Tue, 14 Jun 2022 02:40:32 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 04:16:30 GMT
cache-control: max-age=31536000
etag: W/"7ab1520d2f60ffff326be5e95af56b94"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wopqIPJWh9v5nhWcGvWcBwop2QL_wClR2cALNazyqSI4sNK26HP9Xg==
age: 19950
X-Firefox-Spdy: h2

images.ctfassets.net/9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg

54.230.111.2

200 OK

0 B

URL HTTP/2
images.ctfassets.net/9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /9sy2a0egs6zh/5w0q0fWbGtmiSts6oIDJ5x/6746f0e6d562c0e8315d841eb4c85f87/Explore-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:32:54 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 06:05:48 GMT
cache-control: max-age=31536000
etag: W/"46fb450c5ecf6da758bca0975551f056"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: G_07P0TdReNKlNactqMGZfNyO0GgzOuLKqKpPySFWrKk91NP0piy2w==
age: 14215
X-Firefox-Spdy: h2

images.ctfassets.net/9sy2a0egs6zh/78HoDbPwuWz8M6er6joJdE/c440f3e5d7262a424f13da69a46e958a/wallet-illo.svg

54.230.111.2

200 OK

0 B

URL HTTP/2
images.ctfassets.net/9sy2a0egs6zh/78HoDbPwuWz8M6er6joJdE/c440f3e5d7262a424f13da69a46e958a/wallet-illo.svg
IP
54.230.111.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /9sy2a0egs6zh/78HoDbPwuWz8M6er6joJdE/c440f3e5d7262a424f13da69a46e958a/wallet-illo.svg HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/svg+xml
last-modified: Thu, 14 Oct 2021 12:35:03 GMT
server: Contentful Images API
access-control-allow-origin: *
content-encoding: gzip
date: Mon, 30 Jan 2023 05:33:25 GMT
cache-control: max-age=31536000
etag: W/"63ad7f01f67accd6aafb47999640abe5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gJqePMdEb6l8uRv5p_32T_5HlBfY1KQ9CRB3bvn2l_pRTs4yQnxGQQ==
age: 16639
X-Firefox-Spdy: h2

www.youtube.com/iframe_api

142.250.74.110

200 OK

0 B

URL HTTP/2
www.youtube.com/iframe_api
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://metamask.consensys.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Mon, 30 Jan 2023 09:48:58 GMT
date: Mon, 30 Jan 2023 09:48:58 GMT
cache-control: private, max-age=0
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-resource-policy: cross-origin
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=Y_pQ1re03_4; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRNNE1EQTFNVE0zTmpNNU5UY3lNQT09EIql3p4GGIql3p4G; Domain=.youtube.com; Expires=Sat, 29-Jul-2023 09:48:58 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=5K5h32nJEpk; Domain=.youtube.com; Expires=Sat, 29-Jul-2023 09:48:58 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+513; expires=Wed, 29-Jan-2025 09:48:58 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (28)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML