metamask.io/logo.js
185.199.110.153404 Not Found 18 kB IP 185.199.110.153:443
Certificate IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint83:6F:D9:3B:D8:B7:26:F8:C6:33:19:B3:21:34:ED:C3:6B:2B:31:DA
ValidityFri, 22 Sep 2023 09:30:46 GMT - Thu, 21 Dec 2023 09:30:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38165)
Hash cb37764390b9a98bed5cd9289025bb2e
41771c8632aedd7ed778c5fb4d73aff85114ba43
9cb55b8a6be2e8e3cfd85954a29f59c580a5c14b304e81eb08e5cede2af108a7
GET /logo.js HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"6558f9bf-13439"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 5E7A:268E:AAFB3C2:AD99B74:655AC7CB
accept-ranges: bytes
date: Mon, 20 Nov 2023 02:43:23 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1700448204.802039,VS0,VE121
vary: Accept-Encoding
x-fastly-request-id: f578981176f527a6549d4ec20a2e702fb802ef27
content-length: 18132
X-Firefox-Spdy: h2
metemesk.io/js/enterprise.js
154.12.27.147200 OK 1.0 kB URL GET HTTP/2 metemesk.io/js/enterprise.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (1011), with no line terminators
Hash f565ad01ef85ebe1ffbfa97f91a960c4
a8636143698b1981c2f7c482dad7aa2ac07e4ed2
c8767e2f7a52c171fe807dc80a53bc334a0700e9e38ad28245d6e16d9101c26f
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/enterprise.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: application/javascript
content-length: 1011
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
etag: "61e8c540-3f3"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metamask.io/logo.js
185.199.110.153404 Not Found 18 kB IP 185.199.110.153:443
Certificate IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint83:6F:D9:3B:D8:B7:26:F8:C6:33:19:B3:21:34:ED:C3:6B:2B:31:DA
ValidityFri, 22 Sep 2023 09:30:46 GMT - Thu, 21 Dec 2023 09:30:45 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38165)
Hash cb37764390b9a98bed5cd9289025bb2e
41771c8632aedd7ed778c5fb4d73aff85114ba43
9cb55b8a6be2e8e3cfd85954a29f59c580a5c14b304e81eb08e5cede2af108a7
GET /logo.js HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
access-control-allow-origin: *
etag: W/"6558f9bf-13439"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 5E7A:268E:AAFB3C2:AD99B74:655AC7CB
accept-ranges: bytes
date: Mon, 20 Nov 2023 02:43:24 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1655-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1700448204.297031,VS0,VE0
vary: Accept-Encoding
x-fastly-request-id: a1389667c07c3e0f90cc893f1f2770b506d535ee
content-length: 18132
X-Firefox-Spdy: h2
metemesk.io/images/mm-logo.svg
154.12.27.147200 OK 12 kB URL GET HTTP/2 metemesk.io/images/mm-logo.svg
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/mm-logo.svg HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/svg+xml
content-length: 12019
last-modified: Thu, 20 Jan 2022 02:12:12 GMT
etag: "61e8c4fc-2ef3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/social-35.svg
154.12.27.147200 OK 602 B URL GET HTTP/2 metemesk.io/images/social-35.svg
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash d5e7fa6bfac5cb057e4974b17d5f0e53
fd3f64fd6b8fc6bb097bcd065337c70d8d2cef37
bcba47e61462fcaa7a59953d7af48a777438587b79faf7fcda5831cea8e9a7da
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/social-35.svg HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/svg+xml
content-length: 602
last-modified: Thu, 20 Jan 2022 02:12:38 GMT
etag: "61e8c516-25a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/wallet-illo.svg
154.12.27.147200 OK 36 kB URL GET HTTP/2 metemesk.io/images/wallet-illo.svg
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199)
Hash 63ad7f01f67accd6aafb47999640abe5
5ed10575a1a39d5b02840416a281fb1e655bd423
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/wallet-illo.svg HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/svg+xml
content-length: 36437
last-modified: Thu, 20 Jan 2022 02:12:38 GMT
etag: "61e8c516-8e55"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
216.58.207.227200 OK 7.9 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Hash 61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
GET /s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metemesk.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:22:12 GMT
expires: Fri, 15 Nov 2024 23:22:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
content-type: font/woff2
age: 271272
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
metemesk.io/images/Explore-illo.svg
154.12.27.147200 OK 37 kB URL GET HTTP/2 metemesk.io/images/Explore-illo.svg
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1527)
Hash 46fb450c5ecf6da758bca0975551f056
629157e884b450ecf5a94d38d736db3c7428245f
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/Explore-illo.svg HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/svg+xml
content-length: 36835
last-modified: Thu, 20 Jan 2022 02:12:38 GMT
etag: "61e8c516-8fe3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
216.58.207.227200 OK 8.4 kB URL GET HTTP/2 fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP 216.58.207.227:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Hash 141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
GET /s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metemesk.io
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:22:22 GMT
expires: Fri, 15 Nov 2024 23:22:22 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
content-type: font/woff2
age: 271262
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
metemesk.io/fonts/EuclidCircularB-Regular-WebXL.woff2
154.12.27.147200 OK 45 kB URL GET HTTP/2 metemesk.io/fonts/EuclidCircularB-Regular-WebXL.woff2
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: font/woff2
content-length: 45196
last-modified: Thu, 20 Jan 2022 02:13:18 GMT
etag: "61e8c53e-b08c"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/fonts/EuclidCircularB-Bold-WebXL.woff2
154.12.27.147200 OK 44 kB URL GET HTTP/2 metemesk.io/fonts/EuclidCircularB-Bold-WebXL.woff2
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: font/woff2
content-length: 44544
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
etag: "61e8c540-ae00"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/Browse-illo.svg
154.12.27.147200 OK 28 kB URL GET HTTP/2 metemesk.io/images/Browse-illo.svg
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Hash afeafb6a9f14bd7771c63015be5a05c9
78683c75d81cf80440f083e9fb4bb2987748e290
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/Browse-illo.svg HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/svg+xml
content-length: 28164
last-modified: Thu, 20 Jan 2022 02:12:38 GMT
etag: "61e8c516-6e04"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-aave.png
154.12.27.147200 OK 14 kB URL GET HTTP/2 metemesk.io/images/dapp-aave.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash 521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-aave.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/png
content-length: 14347
last-modified: Thu, 20 Jan 2022 02:12:40 GMT
etag: "61e8c518-380b"
expires: Wed, 20 Dec 2023 02:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-axieinfinity.png
154.12.27.147200 OK 43 kB URL GET HTTP/2 metemesk.io/images/dapp-axieinfinity.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-axieinfinity.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/png
content-length: 42713
last-modified: Thu, 20 Jan 2022 02:12:40 GMT
etag: "61e8c518-a6d9"
expires: Wed, 20 Dec 2023 02:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-compound.png
154.12.27.147200 OK 11 kB URL GET HTTP/2 metemesk.io/images/dapp-compound.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-compound.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/png
content-length: 11355
last-modified: Thu, 20 Jan 2022 02:12:40 GMT
etag: "61e8c518-2c5b"
expires: Wed, 20 Dec 2023 02:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-gitcoin.png
154.12.27.147200 OK 8.0 kB URL GET HTTP/2 metemesk.io/images/dapp-gitcoin.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-gitcoin.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/png
content-length: 7998
last-modified: Thu, 20 Jan 2022 02:12:40 GMT
etag: "61e8c518-1f3e"
expires: Wed, 20 Dec 2023 02:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-maker.png
154.12.27.147200 OK 6.9 kB URL GET HTTP/2 metemesk.io/images/dapp-maker.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-maker.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: image/png
content-length: 6852
last-modified: Thu, 20 Jan 2022 02:12:40 GMT
etag: "61e8c518-1ac4"
expires: Wed, 20 Dec 2023 02:43:23 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
104.17.207.249200 OK 2.1 kB URL GET HTTP/1.1 forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP 104.17.207.249:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (5762), with no line terminators
Hash e317ddbc355053cfaab0526f1aab3571
4287613996f354daba06a029d3c27c59e1a2681b
89e2053a4dac41737b6cd6036a044587010984aa49731b09be939f30d109e401
GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Mon, 20 Nov 2023 02:43:25 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2B8EC9F8654764A5A95C3630F4025E6A0542D2D6BB000000000000000000
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 9
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-w6knk
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: a418f7e1-36b8-488c-b7e6-8b28c4bf6fd0
x-request-id: a418f7e1-36b8-488c-b7e6-8b28c4bf6fd0
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 828d58617ddf5697-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400
metemesk.io/images/dapp-opensea.png
154.12.27.147200 OK 6.5 kB URL GET HTTP/2 metemesk.io/images/dapp-opensea.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-opensea.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: image/png
content-length: 6533
last-modified: Thu, 20 Jan 2022 02:12:42 GMT
etag: "61e8c51a-1985"
expires: Wed, 20 Dec 2023 02:43:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-rarible.png
154.12.27.147200 OK 6.8 kB URL GET HTTP/2 metemesk.io/images/dapp-rarible.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-rarible.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: image/png
content-length: 6840
last-modified: Thu, 20 Jan 2022 02:12:42 GMT
etag: "61e8c51a-1ab8"
expires: Wed, 20 Dec 2023 02:43:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/dapp-uniswap.png
154.12.27.147200 OK 10 kB URL GET HTTP/2 metemesk.io/images/dapp-uniswap.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/dapp-uniswap.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: image/png
content-length: 10268
last-modified: Thu, 20 Jan 2022 02:12:42 GMT
etag: "61e8c51a-281c"
expires: Wed, 20 Dec 2023 02:43:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/images/hero2.2.png
154.12.27.147200 OK 590 kB URL GET HTTP/2 metemesk.io/images/hero2.2.png
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (589568 bytes)
Hash d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /images/hero2.2.png HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: image/png
content-length: 589568
last-modified: Thu, 20 Jan 2022 02:13:06 GMT
etag: "61e8c532-8ff00"
expires: Wed, 20 Dec 2023 02:43:24 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
metemesk.io/js/analytics.js
154.12.27.147200 OK 212 kB URL GET HTTP/2 metemesk.io/js/analytics.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (1325)
Size 212 kB (212365 bytes)
Hash d8be9ab1122d270f3562c097c675a3fd
2f45309fb356d06e3e0d2551a0a3b4f7781d9c59
5e7b8f8160e104a4ba8ea1a97e6b63e1fbeef3a15669ddabd1e1671528592428
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/analytics.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-c179"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
metemesk.io/css/metamask-staging-2.webflow.css
154.12.27.147200 OK 22 kB URL GET HTTP/2 metemesk.io/css/metamask-staging-2.webflow.css
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type gzip compressed data, from Unix\012- data
Hash 6b20044b84ebf99d3a20de7db5472608
f6f8e37de8824f9f9a883d30fa3bcfecfdd304ed
c89d2ff5ec0a89f46d0094b3371433a338ca4c55030287d2df43b31e3d4e5591
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /css/metamask-staging-2.webflow.css HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: text/css
last-modified: Thu, 18 May 2023 07:50:34 GMT
vary: Accept-Encoding
etag: W/"6465d8ca-21477"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
metemesk.io/js/analytics.js
154.12.27.147200 OK 46 kB URL GET HTTP/2 metemesk.io/js/analytics.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (16007)
Hash 072bd44d74fcef8970ffbf86b24c3885
d6800f836744db7e6f75045102e930b0f6dc857e
97ff81b45459dc0de6e17c8245c30217cf5797d5e160c373c58a46f74ebc4981
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/analytics.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Cookie: _ga=GA1.2.206198658.1700448206; _gid=GA1.2.763228734.1700448206; _gat_gtag_UA_37075177_6=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-c179"
expires: Mon, 20 Nov 2023 14:43:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.67200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Nov 2023 21:35:45 GMT
expires: Mon, 18 Nov 2024 21:35:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 18460
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js
142.250.74.67404 Not Found 1.6 kB URL GET HTTP/2 www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js
IP 142.250.74.67:443
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Hash 0e0d623573435a71150ee82ba4b748ce
5c2c04bc996655e0c26f73081e45f3a8014a9a3e
04298ad6378ad5705b87ebb68e7a802efa55ffd6b4ccc5e932d38d3b7f59d1c9
GET /recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metemesk.io
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 20 Nov 2023 02:43:25 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1624
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:26:09 GMT
expires: Fri, 15 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271036
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:18 GMT
expires: Fri, 15 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 271207
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
142.250.74.132200 OK 2.3 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data\012- data
Hash 72b781c4075af8d5946ee8bae59ce7f8
2b244a1bb68638a6e1106a75813411552dc11584
17818eb1cfa97fb8337fc7b92a24bdb25a926cbd6d96dbea2de9058540d61200
GET /recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: text/javascript; charset=utf-8
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 20 Nov 2023 02:43:26 GMT
date: Mon, 20 Nov 2023 02:43:26 GMT
cache-control: private, max-age=300
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.67200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Nov 2023 21:35:45 GMT
expires: Mon, 18 Nov 2024 21:35:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 18461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metemesk.io/js/webfont.js
154.12.27.147200 OK 30 kB URL GET HTTP/2 metemesk.io/js/webfont.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (52348)
Hash 75384e481dbfe598d46654d149326911
b615b12f95499355e774a492fd6871acc47631eb
50691536c46cd5a642af051bef4bdbc98100fed822ede873635fc82d77d92aa7
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/webfont.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-3384"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
142.250.74.67200 OK 191 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (563)
Size 191 kB (190682 bytes)
Hash 23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 19 Nov 2023 21:35:45 GMT
expires: Mon, 18 Nov 2024 21:35:45 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 18461
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
142.250.74.132200 OK 26 kB URL POST HTTP/3 www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type gzip compressed data\012- data
Hash 56e9647fb5172c10c38dabc19a520f27
6114aedee7724eb084fe4bab0213ff8cd1fb1515
364e848638a9e3717763e3e5232d0442e778fba008f58e02ca29638d7bb12e6b
POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6861
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Mon, 20 Nov 2023 02:43:26 GMT
expires: Mon, 20 Nov 2023 02:43:26 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09AB6UR-kaVUY9boIDMQorFKpWuaaur_WTV-xRpX7wLh_RNQoGnnquONgi1x9jhYEAHjDZhr-ULmUpdSdaDcXQis8;Path=/recaptcha;Expires=Sat, 18-May-2024 02:43:26 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:26:09 GMT
expires: Fri, 15 Nov 2024 23:26:09 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
age: 271037
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
216.58.207.227200 OK 15 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Hash 19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:24:19 GMT
expires: Fri, 15 Nov 2024 23:24:19 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
age: 271147
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.227200 OK 16 kB URL GET HTTP/3 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.227:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:18 GMT
expires: Fri, 15 Nov 2024 23:23:18 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
age: 271208
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/audio_2x.png
142.250.74.67200 OK 530 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/audio_2x.png
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:23:21 GMT
expires: Thu, 23 Nov 2023 23:23:21 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 271205
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.gstatic.com/recaptcha/api2/refresh_2x.png
142.250.74.67200 OK 600 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/refresh_2x.png
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 23:21:57 GMT
expires: Thu, 23 Nov 2023 23:21:57 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 271289
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
104.17.207.249200 OK 35 B URL GET HTTP/3 perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP 104.17.207.249:443
Certificate IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1\012- data
Hash c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Mon, 20 Nov 2023 02:43:25 GMT
content-type: image/gif
content-length: 35
x-trace: 2B90E726FD8D1656B43058C90355860E13991D13BC000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 5
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-56dcc87b5c-q6gzk
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 279dbe12-65b7-4295-a883-4d44bff210f8
x-request-id: 279dbe12-65b7-4295-a883-4d44bff210f8
last-modified: Mon, 20 Nov 2023 02:43:25 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 828d5864c82e569b-OSL
alt-svc: h3=":443"; ma=86400
154.12.27.147200 OK 43 kB URL User Request GET HTTP/2 IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET / HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: text/html
last-modified: Mon, 18 Sep 2023 11:37:19 GMT
vary: Accept-Encoding
etag: W/"6508366f-a748"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
matemask.tv/images/mm-shop-hoodie-p-500.png
0.0.0.0 0 B URL GET matemask.tv/images/mm-shop-hoodie-p-500.png
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: matemask.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
metemesk.io/css/normalize.css
154.12.27.147200 OK 7.8 kB URL GET HTTP/2 metemesk.io/css/normalize.css
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (8147), with no line terminators
Hash 21240e0cead3210a28555c3fa89acab0
486fbbc9a997da04985e8ffb5b52e74e0a6f35ea
2881f1b580116868946ef393e44e46ce9ec94fda36f6d1eb840290671830db6a
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /css/normalize.css HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: text/css
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-1e5c"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
metemesk.io/z_stat-1280416669_1280416669.js
154.12.27.147200 OK 12 kB URL GET HTTP/2 metemesk.io/z_stat-1280416669_1280416669.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (11743), with no line terminators
Hash e1be54869a16611acffff9f5f8883daf
df0fc0ae677ba0cd5c21994a8b5189cd5fc425a7
02ba8db5232b3810e186d5f70f7be20d172dfb3b03803937fe0cb442c5bccf1d
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /z_stat-1280416669_1280416669.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: application/javascript
last-modified: Mon, 18 Sep 2023 11:37:20 GMT
vary: Accept-Encoding
etag: W/"65083670-2ddf"
expires: Mon, 20 Nov 2023 14:43:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
matemask.tv/images/favicon.ico
0.0.0.0 0 B URL GET matemask.tv/images/favicon.ico
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/favicon.ico HTTP/1.1
Host: matemask.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
fonts.googleapis.com/css?family=Changa+One:400,400italic
142.250.74.106200 OK 800 B URL GET HTTP/2 fonts.googleapis.com/css?family=Changa+One:400,400italic
IP 142.250.74.106:443
Certificate IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintCC:96:E0:52:E0:9B:EA:A9:A0:F8:88:9A:90:20:11:47:61:00:3C:42
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (816), with no line terminators
Hash d649df21660305e95bf70d4282367324
4a3aeaf4830f03b873105998d8ceaa017bc0b65c
338d6967247111e7857d08db563973e8782b09601225fece0af3420e5cd2fa56
GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 20 Nov 2023 02:43:24 GMT
date: Mon, 20 Nov 2023 02:43:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
142.250.74.67200 OK 56 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 19:10:43 GMT
expires: Fri, 15 Nov 2024 19:10:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 286362
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metemesk.io/js/webflow.js
154.12.27.147200 OK 568 kB URL GET HTTP/2 metemesk.io/js/webflow.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
Size 568 kB (568434 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/webflow.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-8ac72"
expires: Mon, 20 Nov 2023 14:43:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/info_2x.png
142.250.74.67200 OK 665 B URL GET HTTP/3 www.gstatic.com/recaptcha/api2/info_2x.png
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Hash 07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 04:58:54 GMT
expires: Thu, 23 Nov 2023 04:58:54 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 337472
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metemesk.io/css/webflow.css
154.12.27.147200 OK 39 kB URL GET HTTP/2 metemesk.io/css/webflow.css
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /css/webflow.css HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: text/css
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-98c5"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
142.250.74.67200 OK 56 kB URL GET HTTP/3 www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type ASCII text, with very long lines (56398), with no line terminators
Hash eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Nov 2023 19:10:43 GMT
expires: Fri, 15 Nov 2024 19:10:43 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/css
vary: Accept-Encoding
age: 286363
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metemesk.io/js/gtag.js
154.12.27.147200 OK 92 kB IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (1896)
Hash 8565965902198b680974beb4f8006741
3e60fb528c543082cc483acd620b78002e848fbf
28c8a04ee3648c79f7e5b15b1a62a816eb8073a4133bfb69ca291e5972e0f291
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/gtag.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:23 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-16984"
expires: Mon, 20 Nov 2023 14:43:23 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
matemask.tv/images/webclip.png
0.0.0.0 0 B URL GET matemask.tv/images/webclip.png
IP 0.0.0.0:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/webclip.png HTTP/1.1
Host: matemask.tv
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
142.250.74.132200 OK 7.3 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP 142.250.74.132:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7490), with no line terminators
Hash ad2ad015d640088b7d3bd3c8a52c3e01
5369fb743406adc47910557adb86a64bf08ce49c
6387f3225d69bc5b942732937d393f59d917a65ba41a03dca35c0d0707ff7209
GET /recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Nov 2023 02:43:26 GMT
content-security-policy: script-src 'nonce-2GQ94gBGl3akKui4iGhGxQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
142.250.74.132200 OK 62 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
IP 142.250.74.132:443
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (53347)
Hash a527161e0abf93ccff2160a779643f77
1f11cc2a29242bad04baf95ad5f84de4aedfe2c6
bd2fbfb939c7a714429cd74ce3be503d4910b35d717cb42141d1d815aa6f6af3
GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 20 Nov 2023 02:43:25 GMT
content-security-policy: script-src 'nonce-AE3MAlZ3UkqgGUXHmGwg4A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metemesk.io/js/common.js
154.12.27.147200 OK 1.3 kB IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (1428), with no line terminators
Hash 3d07c1f2c0c6eaa190f3b3b608e9f317
ea81f374e2b57cbe28ad51a1329b36e2c746cb2c
43d7338798322802e15f0319c43aa8cb3df1754bad216e8ed7571ef7a7321a2e
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/common.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-51c"
expires: Mon, 20 Nov 2023 14:43:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.gstatic.com/recaptcha/api2/logo_48.png
142.250.74.67200 OK 2.2 kB URL GET HTTP/3 www.gstatic.com/recaptcha/api2/logo_48.png
IP 142.250.74.67:443
Requested by https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tZXRlbWVzay5pbzo0NDM.&hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&size=invisible&badge=inline&cb=nniihhdscwr0
Certificate IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 15 Nov 2023 21:37:43 GMT
expires: Wed, 22 Nov 2023 21:37:43 GMT
cache-control: public, max-age=604800
age: 363943
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
www.google.com/recaptcha/enterprise/payload?p=06AFcWeA5_HkdITGQozvpjAjeUkFI11m5rg4nveg-O69re2R-bbQtlxHpdXWwIu5NAI7Jp05IWxoLCWpUGmYcC96ZtEPVzC59_mpPc2APPxpR7a_t-odXwQzmVtSb8dF8u6WBPvx4lRrvA18edVc3tSccJoRJmz991FA2Mr6NCKnTTv2v66dkA37ILjRNgLpL-B7WIE_lJQkNH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
142.250.74.132200 OK 33 kB URL GET HTTP/3 www.google.com/recaptcha/enterprise/payload?p=06AFcWeA5_HkdITGQozvpjAjeUkFI11m5rg4nveg-O69re2R-bbQtlxHpdXWwIu5NAI7Jp05IWxoLCWpUGmYcC96ZtEPVzC59_mpPc2APPxpR7a_t-odXwQzmVtSb8dF8u6WBPvx4lRrvA18edVc3tSccJoRJmz991FA2Mr6NCKnTTv2v66dkA37ILjRNgLpL-B7WIE_lJQkNH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP 142.250.74.132:443
Requested by https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash c4285ff508b4119d919a589e3b60a646
01f0ab9faf77c18e734dba9ba8df8d2642f0862a
a4b80aebd48f7fa90d0b6930d38530ecc8c455bcebe5c0d5cdb830883f4dc2c3
GET /recaptcha/enterprise/payload?p=06AFcWeA5_HkdITGQozvpjAjeUkFI11m5rg4nveg-O69re2R-bbQtlxHpdXWwIu5NAI7Jp05IWxoLCWpUGmYcC96ZtEPVzC59_mpPc2APPxpR7a_t-odXwQzmVtSb8dF8u6WBPvx4lRrvA18edVc3tSccJoRJmz991FA2Mr6NCKnTTv2v66dkA37ILjRNgLpL-B7WIE_lJQkNH&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=-QbJqHfGOUB8nuVRLvzFLVed&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09AB6UR-kaVUY9boIDMQorFKpWuaaur_WTV-xRpX7wLh_RNQoGnnquONgi1x9jhYEAHjDZhr-ULmUpdSdaDcXQis8
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
content-type: image/jpeg
expires: Mon, 20 Nov 2023 02:43:26 GMT
date: Mon, 20 Nov 2023 02:43:26 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
metemesk.io/js/v2.js
154.12.27.147200 OK 577 kB IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
Size 577 kB (576932 bytes)
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/v2.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-8cda4"
expires: Mon, 20 Nov 2023 14:43:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
metemesk.io/js/jquery-3.5.1.min.dc5e7f18c8.js
154.12.27.147200 OK 90 kB URL GET HTTP/2 metemesk.io/js/jquery-3.5.1.min.dc5e7f18c8.js
IP 154.12.27.147:443
Certificate IssuerLet's Encrypt
Subjectmetemesk.io
FingerprintD8:F9:2C:A8:66:FF:E2:8A:8F:C5:77:64:08:EA:1F:D2:5F:B7:B4:DB
ValidityFri, 17 Nov 2023 07:20:51 GMT - Thu, 15 Feb 2024 07:20:50 GMT
File type ASCII text, with very long lines (65451)
Hash dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Analyzer Verdict Alert OpenPhish phishing Crypto/Wallet
GET /js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: metemesk.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
date: Mon, 20 Nov 2023 02:43:24 GMT
content-type: application/javascript
last-modified: Thu, 20 Jan 2022 02:13:20 GMT
vary: Accept-Encoding
etag: W/"61e8c540-15d84"
expires: Mon, 20 Nov 2023 14:43:24 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
142.250.74.132200 OK 1.0 kB URL GET HTTP/2 www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP 142.250.74.132:443
Certificate IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT
File type ASCII text, with very long lines (1008), with no line terminators
Hash a61729aa0917169a919873616dd5b68e
b91f8ec9166497f39cfe51ed72fd62c743a58426
238abca09e2df85e2b20afb61c2277e1365ade1aecfb56ac3ffe8e39a510dd9b
GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metemesk.io/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 20 Nov 2023 02:43:25 GMT
date: Mon, 20 Nov 2023 02:43:25 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2