r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 326898eb925368408f6f42ee173b9d89
b8b20ee34b7e7b139e7729b8e46a54ea25f54ac8
96c2c75f700ab55649882111713ca3cfb2eaf08e404c2bc245a641dc12ae168a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96C2C75F700AB55649882111713CA3CFB2EAF08E404C2BC245A641DC12AE168A"
Last-Modified: Wed, 04 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7957
Expires: Sat, 07 Jan 2023 01:48:07 GMT
Date: Fri, 06 Jan 2023 23:35:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ce8af3d72e7e9af609039abee59c8b87
8e1b16591fbc632df35f15e23da55ee86af31bc3
52edddbda4a3a3b778f61a491b21e6ea439e9d8024189e636b1f37b2dd7226fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52EDDDBDA4A3A3B778F61A491B21E6EA439E9D8024189E636B1F37B2DD7226FC"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7070
Expires: Sat, 07 Jan 2023 01:33:20 GMT
Date: Fri, 06 Jan 2023 23:35:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 06 Jan 2023 22:48:04 GMT
content-type: application/json
age: 2846
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash da484f5e9c6805745e063b236fb81473
ae454bf4a7ae0e96935afc81ee0f89c049097b15
068d0da23acbe7f6b600c4e7dbe9c81d3ad78c8afd122255bbf3550e8a290686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "068D0DA23ACBE7F6B600C4E7DBE9C81D3AD78C8AFD122255BBF3550E8A290686"
Last-Modified: Wed, 04 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2289
Expires: Sat, 07 Jan 2023 00:13:39 GMT
Date: Fri, 06 Jan 2023 23:35:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: d+dHqGuig8yRfgMTamW06YH8bnFAXy0CWKsq/VS9tRUwO/ZhI9RiIZk8pKWnsr5cbRHnuxP6RrXecFoMrsjEoA==
x-amz-request-id: G92588P6H2NVB582
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 06 Jan 2023 23:02:22 GMT
age: 1988
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
mateamask.net/
188.114.97.1200 OK 8.0 kB IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (19383), with CRLF line terminators
Hash aa83ff4c613afd769cbbdf668321e750
2baed0889c24a457e3f94cbc42d6e1c1e842cf84
94112d64d0340ca0163c5679b6f9470f2b370e286d922fe89526de9a26cbad06
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET / HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:30 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 06 Dec 2022 16:44:21 GMT
Vary: Accept-Encoding
X-Powered-By: ASP.NET
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t3fmjK45AvfZDKPjCzusB7W4ak9ctHYAVj9ATckAGSKAJaA%2BnIm%2B1wR%2BB37ytGKMf6Z4TwKWUZOcYN0OyeH9WAeqeGhTG%2BWJ%2Bfcuf4wmFm0YNeETw9xLvoNQ8qAlcifo"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453c1e4d1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 06 Jan 2023 23:35:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sdk.51.la/js-sdk-pro.min.js
47.253.50.2200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34373)
Hash 1390e823e4464795cd66ac593d94809a
208e2903bbe19109c7781db997395111d09b0c2b
8812cbab04c1444c5cb9f012f72b9c45ef827b91f933925de28011b9a65701af
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Server: openresty
Date: Fri, 06 Jan 2023 23:35:30 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 03 Jan 2023 09:37:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63b3f756-8724"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 06 Jan 2023 23:33:39 GMT
age: 111
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
mateamask.net/css/normalize.css
188.114.97.1200 OK 3.2 kB URL HTTP/1.1 mateamask.net/css/normalize.css
IP 188.114.97.1:0
Hash a374526bdf1ad36c19e8f090f3cd9eaa
0ead1b536b4527b4e975166482111231b5d01d0e
109cdc6a8286720e85a5fae5c0ae8bf6b044be54f827a8f9ffed438e1cab72d4
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /css/normalize.css HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:30 GMT
Content-Type: text/css
Content-Length: 3198
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:12:42 GMT
ETag: "115347630f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vgrjy6y73VyQjkNcldIx72AyK0Ec44eosRMi2YvQ6%2FKuDxNS0yIDk0N6xM5BtGi9Tf8uKR%2B0AOsGHL%2Bckvd4%2FhQt2asZmMbsr5cgFCj0awLua%2BMcJjbvketF3fYVxeTV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453f792f1c06-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/css/webflow.css
188.114.97.1200 OK 12 kB URL HTTP/1.1 mateamask.net/css/webflow.css
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (2587)
Hash 9bcecb1684dd926ee400052da836edcc
9670a7e6ff7584253f6a81661170d7a3c92a68b8
bd0b1ca3165f2769cc3f0edca1ed4ec8cfe5aa534d7deeee1a6f70eab45e5a81
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /css/webflow.css HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:30 GMT
Content-Type: text/css
Content-Length: 12097
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:12:42 GMT
ETag: "ea3e48630f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2BUJVRrDhbcuHrRtYF8HNTu4nCyPp%2B0455HWfZz3N0CMewZm7qlJxrc8UdbxHiSCtIeNaqwMhCDE%2FDGr9PWFEKtfRU3Qq5%2BpQ4mKLPvrsD9fgZUFhad4QiOHkl%2BvxE8g"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453f8e020b59-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/js/webfont.js
188.114.97.1200 OK 6.5 kB URL HTTP/1.1 mateamask.net/js/webfont.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (2134)
Hash de748a8e6e392f2de0a6c2e5709a4cea
3fbce77eb09223b2ae4e35ee43b429093542d814
f21f56bc6d537aef9d020e64fa3cd9ff66d3430a468931799a3a33fc5ec038ed
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/webfont.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:30 GMT
Content-Type: application/javascript
Content-Length: 6461
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:32:00 GMT
ETag: "844ad3b832f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d0XLDcR7LDs2hr%2FjjQatIfaN4jT21UGPlyR8CqBua9lB525Sdg1Z6KA7IpKHiUwckkSvACLOk2UANXGEkC6vZLtXaHQCmWRIYQvwhPwL7bL9DVV3mw18S7c5z%2F8vLs6z"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453f8e8efac8-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/css/metamask-staging-2.webflow.css
188.114.97.1200 OK 31 kB URL HTTP/1.1 mateamask.net/css/metamask-staging-2.webflow.css
IP 188.114.97.1:0
Hash 5420a59bb071e595cc9a1c25692896af
8e1d88a53177feddb4225f330fa95a43d7954229
da8c4d7ca22babf8ef77e38f922d39b8e17f9f11cec71683d942c406275729ce
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /css/metamask-staging-2.webflow.css HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: text/css
Content-Length: 30561
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 11 Nov 2022 08:13:18 GMT
ETag: "19c5a374a5f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ev5eHqAKFJGmcc6t5hkY4l7DylegMWr1V1jxwz3MG8NiS0RcsaExdYS0yRdEKVz2kadhy8AYnuiH07XdfNIZc7%2FoSmGDP0Itj8nwerzXIs0E497a92TgYVv1xMFG%2FDeN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453f8c4fb50f-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/js/analytics.js
188.114.97.1200 OK 25 kB URL HTTP/1.1 mateamask.net/js/analytics.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1325)
Hash 724b22fdeabacbcfd86b88055b1f2ed4
ada32d80b0636f7cbc90d1c8028fe3f180c35588
909cf71f76c26d697a5424d5ef6d8a25dc8fd1d4df93584e6c88d8cb86cb9e70
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/analytics.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Content-Length: 24733
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:32:00 GMT
ETag: "346dc3b832f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eUExsZqa3FfxzUc%2FdhfzZQTDAPVqCtRW9AlgoonaDQ4gDfPtDvA%2FlF%2BuJTfaNfqm37TpAdjcbXHufiP49jwzDopKWQQrJaQfOq8iaqPZ%2FRxeIiI4pZwX0lltMsbpXubq"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453f884d0b51-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 43c8442b7447debab97b0f6bc973e23a
38a5f1869cff7f6ddbfd3a24e57a3da7851ba3b0
4eb7adc914570287dde1317395d1d95b07271c8fe20b97a8928025c292c47dba
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5495
Cache-Control: max-age=126172
Content-Type: application/ocsp-response
Date: Fri, 06 Jan 2023 23:35:31 GMT
Etag: "63b7e4a8-1d7"
Expires: Sun, 08 Jan 2023 10:38:23 GMT
Last-Modified: Fri, 06 Jan 2023 09:06:48 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
mateamask.net/js/gtag.js
188.114.97.1200 OK 44 kB IP 188.114.97.1:0
File type ASCII text, with very long lines (1896)
Hash f9dab5f00e070ba7762256ab6f9f943e
66bd207b72089f6a84bea7ba08255ec779525efc
8f422d8368e8d7f8e86f0b45c4378abe0099d6a86276afad3264411c5352e618
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/gtag.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Content-Length: 44286
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:32:00 GMT
ETag: "43a9c4b832f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9KKY5iVFyk4AeQnHq5HLtRjg4gN8tij5NDZKdc3IRkJWq2qiOH%2F%2BMgvOlb74Wvk3nqT%2B592GQI0WSzztaN17YFaA62P0BijjMf3JgASBCf%2B5SCWotmY7hXY5fb96LmWG"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7858453f8c1ab509-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/js/enterprise.js
188.114.97.1200 OK 826 B URL HTTP/1.1 mateamask.net/js/enterprise.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (1104), with no line terminators
Hash c229db39c77aed1d7b935a2cae4dedbc
877ceb118256f3c6ab0ce17c927ab3f2941fada5
18453b55298111492bb40232dbb1ebe5ddc7796f6346f3f0ee3a77c40f67024c
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/enterprise.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Content-Length: 826
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:12:42 GMT
ETag: "ddcf6d630f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BjEnNcsTRHb8WJLLKE9iVH4g%2FdcAvVHpy6nwF3UXJnvsfe7kyEey57CDZTnhn8P%2F9aXE5HhylbHMdV5ZRnG3VfS4r49WOmlOn5YHaIaPFKzocMerymWxUVxschLOyKc6"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78584541eace1c06-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/js/jquery-3.5.1.min.dc5e7f18c8.js
188.114.97.1200 OK 40 kB URL HTTP/1.1 mateamask.net/js/jquery-3.5.1.min.dc5e7f18c8.js
IP 188.114.97.1:0
File type ASCII text, with very long lines (65451)
Hash ba8a8242ecb2b46d0de05e51e503a1e5
4eff38e79787942f38aa9f2682ee220c45370c29
4d897c5e328ac1c91f487b11cb0d0a67b87c3828a594590736b65e83586ada50
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Content-Length: 39819
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:32:00 GMT
ETag: "43a9c4b832f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wNHZILZX92NF5XvLw%2Fsh2YW4rHf4zmpFE3zgfsh7rJxkYqjLK6UXVnWBuPZJqBpTaRmHRU6u2pXQhfy2EiD1q8yydOQFlNCvPtbQPET8g7dGyOlfv36rPgv9mdoSDEF4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 785845431f6ab50f-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/metameask.com/logo.js
188.114.97.1404 Not Found 681 B URL HTTP/1.1 mateamask.net/metameask.com/logo.js
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /metameask.com/logo.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=il%2B5gAvU2omWtpipqRL56DgaibCK9k6x9DiHdHutJW8iGZg4SKo1S0Cl6H2hQYSRKoFoOFxFesbIvk8EVjpLFSpti9LdL8GT3tfeLaiLb4uVD%2Ft53cOUh6D2XOV2KI%2BE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584541ef7f0b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
35.163.114.208101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.114.208:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: saUk/1JKmr29WKN2utUB3A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ca2fEa+bcVNQUZkvnz/rOxFcPWs=
mateamask.net/z_stat-1280416669_1280416669.js
188.114.97.1404 Not Found 681 B URL HTTP/1.1 mateamask.net/z_stat-1280416669_1280416669.js
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /z_stat-1280416669_1280416669.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqIlUyvZPXObs0nR5Y09xla1w9Ab9KmVvJ5%2FGxAVUmUxcrRtgx3cWMjrM4aGtB2%2BC%2F2Hbr4%2FjnRKdGj%2FcNxUyJfD6TNFgSq%2FDB4dshe%2BFuMkWKPrRRIEo7OGoAxGzy6%2B"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785845445c2d1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mateamask.net/js/common.js
188.114.97.1200 OK 623 B URL HTTP/1.1 mateamask.net/js/common.js
IP 188.114.97.1:0
File type ASCII text, with CRLF line terminators
Hash a2551ebe00964720da6025e7c9151b14
73b4ebb2e3a80aba76c1dbdb7a6f17a98c76d86b
733ab25aee8224ef0b89bba9adfdc060a096da103f9a8ead97ec583f3419d28b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/common.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Content-Length: 623
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:12:43 GMT
ETag: "3405e730f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Bm9HNyro2YnxLp6c7EYSySE9J5YlX3UkgXlarEefyKEPQw2xfrYPxHNBpo%2FqalfF3NGM6u2QISlMlXg%2FPZ1e2uHCunrGX6hhq2ZyOncHqGsPMjydUcLBf9JH6U747aUN"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 785845444941b509-OSL
alt-svc: h2=":443"; ma=60
metameask.com/images/mm-shop-hoodie-p-500.png
172.67.136.225404 Not Found 681 B URL HTTP/1.1 metameask.com/images/mm-shop-hoodie-p-500.png
IP 172.67.136.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: metameask.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FgkywrZW4Vg%2FhcqeKJAk8SaWD4kDZRDMDNAB6jIQh5Naeev3ah8tECkvhoIwT2q1gCf%2FW6%2FWUJPqcq%2FvGznGA6gy86V61l2zIlqIBzfpkxQmKpN30T21e8irYcZwk1vB"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785845445b041bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mateamask.net/images/mm-logo.svg
188.114.97.1200 OK 3.3 kB URL HTTP/1.1 mateamask.net/images/mm-logo.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Hash 48c19409dffc91d120f1263ef8f2ff5f
79860f9c6cf69478dec8b993b7640e9d49d14013
06b5770de5bd495d8dfb0be51bee2f2d6fe1392ad7a6db11194d9ebe52a4f4b2
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /images/mm-logo.svg HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:26 GMT
ETag: W/"d1bedc912ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7JICSC1A%2BdI5SbDOsCNWbwRyTJ0m0bfAualR9A%2FS1%2Fq%2B8%2F7%2FAB%2BXQLUuvS%2FxjOvKLUXvnh1rtVdyUTQFlH4blPZXodO6RSxHtneZIMhGrIQDHOa6QDiVEIn6rCwBq1w"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584544688ab50f-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mateamask.net/images/social-35.svg
188.114.97.1200 OK 402 B URL HTTP/1.1 mateamask.net/images/social-35.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 4cc91bc2e4054ff5b275a149c64af129
9347818499ae1c9a618386352bc8b14e2371fc60
ad9a952881eaa3fff7ed34bede3c542a601e73b576128b8592b2bcae1b78498d
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /images/social-35.svg HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:26 GMT
ETag: W/"edafae912ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mxFySTKPRn7JfFhoX5UD9NwLD8TdVoktlPWRlfrFhodaWziE0PY%2Bhuj23WMKDXUX2%2B7921LJ4Jhuj3%2BEDqnCnOXiq0yWrUrBK3yxcNX%2Bm8c43%2BSUTpJ1JjY1PsgaY1kT"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454468c10b59-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mateamask.net/js/v2.js
188.114.97.1200 OK 200 kB IP 188.114.97.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 200 kB (199458 bytes)
Hash d22ac20100b51070f68a79fb8dcad997
b64bbee2d74fae67fa58f53c4506111b53eaf580
69d7bb0798806787ae1d0383adc254ac219df9ebf122ffd18bc94bdfa2525dd0
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/v2.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:32:00 GMT
ETag: "54b7d0b832f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM6wgIh4OFu9%2FBPL8Nm71GxH0XY%2BKR%2Fm1UTE%2Fn%2FDCorZKsPGxlS2HWF42sOMFM5pPmmKvFCVcBZxD49lqQokOlDsnfTLsl5FM7%2BFit3IOpqKzW7YNXVTtspYXzL2FQQj"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78584541e805fac8-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js
188.114.97.1404 Not Found 681 B URL HTTP/1.1 mateamask.net/www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /www.gstatic.com/recaptcha/releases/UrRmT3mBwY326qQxUfVlHu1P/recaptcha__zh_cn.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnjudvg1eK7OjyyzJlKeFqwkbyImf9bVnbpEQ%2F62rF2b2DdslIxBc6CCFHzduWwq8fuMzPXNb2G13UB4aWBU5g3woFj5ujeUwIPkboxbjXMVkpY3W4NuBMSxWrs1CIOw"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584546ad9b1c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mateamask.net/js/webflow.js
188.114.97.1200 OK 179 kB URL HTTP/1.1 mateamask.net/js/webflow.js
IP 188.114.97.1:0
File type Unicode text, UTF-8 text, with very long lines (54239)
Size 179 kB (179116 bytes)
Hash 9cd664a17bf98edbbdbe7eda36db463b
a996987931a8891d7a1d90eb61eb683449c9d108
a8f02801a841f5345050fc0dd815162d37e563f220a432475725de26ce8908bf
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /js/webflow.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:31 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Thu, 10 Nov 2022 18:32:00 GMT
ETag: "c387d2b832f5d81:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VpzRqq5BQ3exjqG1QspYyCJ5NJUGBEpVgZs%2Fg0ETjATCQjc0JZPyuzQZcUVW35qNmX5Eg8M2F3cEQ4cw2q1e9mGpDlYsM3k9ealJp44nfboSvb3nw0kYPmraqefI%2B5Ls"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 785845431bd40b51-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/fonts/EuclidCircularB-Regular-WebXL.woff2
188.114.97.1200 OK 45 kB URL HTTP/1.1 mateamask.net/fonts/EuclidCircularB-Regular-WebXL.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Hash 2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mateamask.net/css/metamask-staging-2.webflow.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: application/font-woff2
Content-Length: 45196
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:29 GMT
ETag: "45efa2932ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sA4nCJQbKT%2FNdWsoVltgjE6x6TrnWPW9Alud6nPFtiS4QrlCJAwZC9kjTRAF%2F%2BIW1ARw4Sx3y9lW9QhxkvfuLZrn67x%2FyPO3zTvULiF8777kxTdkgcresCcsLG4Vew8M"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584546bbe1b509-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/fonts/EuclidCircularB-Bold-WebXL.woff2
188.114.97.1200 OK 44 kB URL HTTP/1.1 mateamask.net/fonts/EuclidCircularB-Bold-WebXL.woff2
IP 188.114.97.1:0
File type Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Hash 9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mateamask.net/css/metamask-staging-2.webflow.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: application/font-woff2
Content-Length: 44544
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:29 GMT
ETag: "d84774932ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sPDwTDhvZcnuhzg6mcDf1tV1kWyA9lfLCzAuT9NgNE%2FHqrVxg0VtZdmbHb8rahtPldoZoC%2FQmucR1T%2FkjnThrOKLyKZZ6o5bJAj54Tt9N9Cdj6pZbKbnMTGKvkvgKL%2F8"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584546daeeb50f-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/z_stat-1280416669_1280416669.js
188.114.97.1404 Not Found 681 B URL HTTP/1.1 mateamask.net/z_stat-1280416669_1280416669.js
IP 188.114.97.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /z_stat-1280416669_1280416669.js HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: HIT
Age: 1
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ieBbdEvOw5RbnKmdxIH4h4sPD8gWp2b6mrDm2FjjMMBk2Q%2BjEC%2BqPefLWEC97E7ylxLOYdUGvsriyB%2FVZ%2BD%2BIpnmPlsl6O33esiGKWvCyOPaeyhtZVHO8cnjpXdYanpL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454b88d8b509-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8034
Expires: Sat, 07 Jan 2023 01:49:26 GMT
Date: Fri, 06 Jan 2023 23:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8034
Expires: Sat, 07 Jan 2023 01:49:26 GMT
Date: Fri, 06 Jan 2023 23:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8034
Expires: Sat, 07 Jan 2023 01:49:26 GMT
Date: Fri, 06 Jan 2023 23:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8034
Expires: Sat, 07 Jan 2023 01:49:26 GMT
Date: Fri, 06 Jan 2023 23:35:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8034
Expires: Sat, 07 Jan 2023 01:49:26 GMT
Date: Fri, 06 Jan 2023 23:35:32 GMT
Connection: keep-alive
mateamask.net/images/Explore-illo.svg
188.114.97.1200 OK 13 kB URL HTTP/1.1 mateamask.net/images/Explore-illo.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1527)
Hash 622c26c1167d3d2edeb28e48c0a5a511
c7ba07a83b2d202bed058f97a87c1035855c6bae
779ba6f1815bd6100595b6d40e863bdb021e5dc10664d6f99fe234b0af7cf3ac
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /images/Explore-illo.svg HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:25 GMT
ETag: W/"83f93f912ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ggSQA5QVC6Zx7Qi56469GxvSLHCY77d%2BVOzdK4udik0BQonPWdb6tsWJEl0r1uaE63nslo8esXtH18SgWzc%2FD00jHslomkiPmBuNny2uwEEPxpaEpmtsHOyTSTeoXIQ3"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785845492f511c06-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ac8905d1d5c1d4287877b2cd12c578f
3dba315adee4a143e7368e64c52c8766895a754c
7c19db731473111c9e8a0d939b1204b59e11a887cd90774b48d3dfa974cb491d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7308753d-b099-45a9-ac63-aeb8be417c01.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4795
x-amzn-requestid: b8d2ba5b-92d8-40cc-8954-55bd8ed1dd34
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eS7RFFznIAMFe4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7726d-00b967487cd1c1380f7f66d5;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 00:59:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: R_Xc4CnUgOLg_6xXWMQ0DEoSigBBnOdZRGi49w-GOvpzCTXkItb0GQ==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 09:19:59 GMT
age: 51333
etag: "3dba315adee4a143e7368e64c52c8766895a754c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9ea2a04001ae6e92e56682f186ffbc2
dea01d8485f04aba4dcae63eb073a76d242a0095
c71e983f9d53f96de3553eb78da4f6da141d3dd381b1a1d55061f9141d3a54b6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ef3a07b-bcd6-4039-8f1b-5315d2fe51c2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5657
x-amzn-requestid: 4bb9764d-0119-4201-b4e1-f3193d436022
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxL5G-VoAMFblQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8957f-65d303390f3426bc006f23f3;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:41:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: x2J2pA3SunX-oqNpW1qO9rRvN4oylDoaKvx1WaQx_-BgHEo2YvvkZg==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 446e26a256db1310ae719d818e420898.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:27 GMT
age: 6485
etag: "dea01d8485f04aba4dcae63eb073a76d242a0095"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51f29fa68742d72a5ad8ad54a973424d
4941e01c8718adfe7ce13d551e80549236e561df
83b4e946e058ae662e559703f64896ce4c5de969045cf8e3e00806297eab0007
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00386939-61dd-4d7a-a930-6df89a8e0c57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6895
x-amzn-requestid: 9f97f493-9846-4eb3-ad6e-f66ba96ad818
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eGCT7FfIoAMFg5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b24a7f-3e871fb3073afc164927e98a;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 03:07:43 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: g0zYW_StzMsZg9vgzLBi3F2cQKsZlAvoCDZBtAxbyqUu1zDn31sbtQ==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:50:06 GMT
age: 6326
etag: "4941e01c8718adfe7ce13d551e80549236e561df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e832123ea0c92a446b5894e75efc86ae
bb438ca635b43819701067ef07a3d910ad29a0c7
e1b0c6cd873f304de15664f96af6b6914e13fbbfb3e2179ba43369e116446773
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f37a3ca-5b31-4876-bbcd-442c1f718b3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5578
x-amzn-requestid: 93353c3e-1b26-424c-b4c6-0d113703edd6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eFvpBFGvIAMFobw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b22c9f-1d07cff31ae39320693642f0;Sampled=0
x-amzn-remapped-date: Mon, 02 Jan 2023 01:00:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: skIlgzeKmjJ2Wsx2QeubgMvO7chgpPNZYqW4E_xhRgkCtDEhAfBp4w==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 07:33:22 GMT
age: 57730
etag: "bb438ca635b43819701067ef07a3d910ad29a0c7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05977aeaee3d020a9e54b103bff0072e
74f544d78132f079b849fc2ef613a892c515378f
72b0b5e6ed8685fa24bd66e4173db1701b4a48b3df15c86228b833e615935da8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32750e1f-43b2-4ea2-9562-1ec8c85222fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8704
x-amzn-requestid: 1a997886-3172-4ba2-967d-328539cf685c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eVxErFfVoAMFhYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b89550-7c30a3ff5d97f8b421776fb5;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 21:40:32 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: CKplX8NiGi4DVG0lwV2LILGwKdV6wOzThlE7SEjStyLgYQieTmJfPw==
via: 1.1 599f04a365a179d553682d476509c388.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 21:47:57 GMT
age: 6455
etag: "74f544d78132f079b849fc2ef613a892c515378f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mateamask.net/images/wallet-illo.svg
188.114.97.1200 OK 13 kB URL HTTP/1.1 mateamask.net/images/wallet-illo.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199)
Hash 067e18dfbee6529f0a37904d112b0fe0
4a1adaaba04d4a6f10c6da6b3fcf8a53e850f334
75db56c8a1097c86009d8c0e525dc6883c41822bead2ce52e003b94e87090da3
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /images/wallet-illo.svg HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:26 GMT
ETag: W/"87fca5912ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcTqoa7Jqc%2Bg8co%2Fs7WxUMRXORXvOzmdP3nCONWjKPgs1BoUQpp524jBmuuPmYnbTlTKsKFG1uEJ73JJykNmrA6CavF%2B1nwccGzSHa3hDfGjwOeZ5BeHhoOfo7kUMy9x"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785845491c4efac8-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 65a13b7b11843a364e80dbc2d54345ff
5b24f4bf17da840e61d96b0ed7452911539dbf67
8dea14e05eb2a0c850fe9441b605f50ec6206baf57da4293f2297cab0a82fe37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1787721-cbc0-4d0c-9ab8-c2bf14e3c622.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10064
x-amzn-requestid: 7b970f82-e9fa-43e8-8757-60ae808a2cff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6kCEsSIAMFVBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63e19-4884229c1545eef72380e7d2;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:03:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QEyvGn2RTDzP1clTinnHFwpYPUbmH_PaBnN-RK50DLcuHrr9Xz6cjg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 06 Jan 2023 03:13:36 GMT
age: 73316
etag: "5b24f4bf17da840e61d96b0ed7452911539dbf67"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mateamask.net/images/dapp-aave.png
188.114.97.1200 OK 14 kB URL HTTP/1.1 mateamask.net/images/dapp-aave.png
IP 188.114.97.1:0
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash 521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-aave.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/png
Content-Length: 14347
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:24 GMT
ETag: "8ae082902ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KP3dlECP8Yy7m9oH3AMU617D90xDYFBujdupUpPW%2BbcCt1p8u8h8u2NcorGnsZsawQj06R3hUxRKTW8B1%2F2iKPHelo3Q1wdL4wvJEsmX9oL1Biv51156kM%2FLjCddxicg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454b9f1fb50f-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/dapp-axieinfinity.png
188.114.97.1200 OK 43 kB URL HTTP/1.1 mateamask.net/images/dapp-axieinfinity.png
IP 188.114.97.1:0
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-axieinfinity.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/png
Content-Length: 42713
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:24 GMT
ETag: "ee5d82902ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aRe0GQlaVT9WHJRfbXGmAIPck6Xhc%2FO9ralaHS%2Bu%2BmQblBZ6etonqpX6EivwJsQ1tDQelaD2lXG5lPEVJT%2B3igGN4z1q1nOOsHUL7FJku1xxqrqbmjbrONexVCt3FMxE"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454b98e5b509-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/Browse-illo.svg
188.114.97.1200 OK 11 kB URL HTTP/1.1 mateamask.net/images/Browse-illo.svg
IP 188.114.97.1:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Hash 2a44633d12db297d022d80b062955f14
1833dc348885749af8ce3e17957ab711f0907760
4e3b62773744613fff4e8af579a70d647de35a44ff7c112d481a35861668b97b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
fortinet Phishing
GET /images/Browse-illo.svg HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:25 GMT
ETag: W/"a4f93b912ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6N0pYgwVd3ZZwUIG%2FQvFmGWAEQiMMu4N1JlYdoskRh2%2Fwvsx0WjqzneXebnSzVrkGIBRXUJsyV5XRGIQeCxzPkoxxrTjkzZXXjdRJNCu4WsHaP2XTeRhguS2pW42%2B3l4"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454a6aae0b51-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
mateamask.net/images/dapp-gitcoin.png
188.114.97.1200 OK 8.0 kB URL HTTP/1.1 mateamask.net/images/dapp-gitcoin.png
IP 188.114.97.1:0
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-gitcoin.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/png
Content-Length: 7998
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:23 GMT
ETag: "edc0de8f2ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHPTYTGrV1uj11sL7m%2F8QKxz597Wkoaa%2BMS4so%2F021zxUb6X5z3mRjbbKFzNvC1GHWUt6ohyGyFzFGmImV1wxUzvG97MQ%2BZcJUU2cj1IIiNmL72ndb01F0JURgBSLp9p"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454cde69fac8-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/dapp-compound.png
188.114.97.1200 OK 11 kB URL HTTP/1.1 mateamask.net/images/dapp-compound.png
IP 188.114.97.1:0
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-compound.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/png
Content-Length: 11355
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:23 GMT
ETag: "b4659902ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VuIlREKDUtEwAcBDyOVu8RhNBzcrEUj%2F5GrfsImH2Z9kV5cWG5euQ55mrCNZrAKTdNhbfZaKIAB4Dgb7Job%2FYVFhEyd2DGLUqkNpIkziRaZ96K4XkF%2BKh1EjOXNZ%2FklD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454cb9a51c06-OSL
alt-svc: h2=":443"; ma=60
collect-v6-alqy.51.la/v6/collect?dt=4
39.108.107.112200 0 B URL HTTP/1.1 collect-v6-alqy.51.la/v6/collect?dt=4
IP 39.108.107.112:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6-alqy.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 289
Origin: http://mateamask.net
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200
Server: nginx/1.20.1
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Length: 0
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://mateamask.net
Access-Control-Allow-Credentials: true
mateamask.net/images/dapp-opensea.png
188.114.97.1200 OK 6.5 kB URL HTTP/1.1 mateamask.net/images/dapp-opensea.png
IP 188.114.97.1:0
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-opensea.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/png
Content-Length: 6533
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:22 GMT
ETag: "6d346f8f2ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y7mHssH9Q%2FK8lL2U9HlCYlI0om8zUTdeqyTn6qpU4Y57JJGa4OVq7%2BC35yJ0UkrZqTHRAnbNQ%2BtGf1Av4CRaE8HG2uwD1pJNfugESe9dII5%2BIAASnDblf872xeru8B5V"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454e0b67b509-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/dapp-rarible.png
188.114.97.1200 OK 6.8 kB URL HTTP/1.1 mateamask.net/images/dapp-rarible.png
IP 188.114.97.1:0
File type PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Hash b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-rarible.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:33 GMT
Content-Type: image/png
Content-Length: 6840
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:21 GMT
ETag: "3d5ff98e2ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=euBlabIW2JTFHWU8PympmdyDk42i2674gRH6R%2FJ5Smr8jQftwJxOyvZeh%2FWmH4KYOPoOJAeObZ%2FXSq%2Bj4UPiQ%2FEuP62ipGGFyLedJyXhBCHBO76QgD%2BsmqRJ97Qo%2Fdkd"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454e0d420b51-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/dapp-maker.png
188.114.97.1200 OK 6.9 kB URL HTTP/1.1 mateamask.net/images/dapp-maker.png
IP 188.114.97.1:0
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-maker.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:33 GMT
Content-Type: image/png
Content-Length: 6852
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:22 GMT
ETag: "61be948f2ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2n25FEQoVrO%2FqYdUUbPsKFM1M1RjzDeFIXz%2BW0JGR0EYHVmh2KusXsvhUzsU8vUwDM6JlbPV9mEM%2BHp7gVcGRSqF8n52%2F5wfIPcKJ5E96wwANpSWp4ESaiA1nGo4Awg"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454df95cb50f-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/hero2.2.png
188.114.97.1200 OK 590 kB URL HTTP/1.1 mateamask.net/images/hero2.2.png
IP 188.114.97.1:0
File type PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size 590 kB (589568 bytes)
Hash d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/hero2.2.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/css/metamask-staging-2.webflow.css
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:32 GMT
Content-Type: image/png
Content-Length: 589568
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:34 GMT
ETag: "2ce873962ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ex3JxLToGGXxvXw8KaYFxMdkZt9q%2FAx8d%2BObYOfWK9IUYkvE8MOO8H1YXgtQkl5LjH2V6bLCUteNnvSk708AM3Yw%2BlzKoY5u%2BEh1KGy6PjH8t0wIqBBbfX9TmII4X%2Fpf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584546ea3c0b59-OSL
alt-svc: h2=":443"; ma=60
mateamask.net/images/dapp-uniswap.png
188.114.97.1200 OK 10 kB URL HTTP/1.1 mateamask.net/images/dapp-uniswap.png
IP 188.114.97.1:0
File type PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Hash 1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
openphish Crypto/Wallet
GET /images/dapp-uniswap.png HTTP/1.1
Host: mateamask.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200 OK
Date: Fri, 06 Jan 2023 23:35:33 GMT
Content-Type: image/png
Content-Length: 10268
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 18:09:21 GMT
ETag: "8816a28e2ff5d81:0"
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7bqvbCWBND8EKeFMvfdGjIdd9TlBsQfPgVfo4kHPo4BFapbY6fpfkPXA3Jw7aN5%2BDEx9rQrb5gaAuU1Yxt0teRiBiA%2F790Vp%2Bw%2BtoKSPn7ky2zdoMm%2B2FMeZuUTRqcts"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7858454e1f1cfac8-OSL
alt-svc: h2=":443"; ma=60
collect-v6.51.la/v6/collect?dt=4
103.143.19.103200 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 289
Origin: http://mateamask.net
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 200
Server: CloudWAF
Date: Fri, 06 Jan 2023 23:35:33 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=80cb743c8e4bca83009; path=/
HWWAFSESTIME=1673048131525; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://mateamask.net
Access-Control-Allow-Credentials: true
metameask.com/images/favicon.ico
172.67.136.225404 Not Found 681 B URL HTTP/1.1 metameask.com/images/favicon.ico
IP 172.67.136.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /images/favicon.ico HTTP/1.1
Host: metameask.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BGnXl%2BHnmc9EeNiYGgXcZH1kpALsQ9dBcoIfmD%2FzknNwLQ5ssgI%2FZojnRmjOn8kBnVTwhfiYjhyj%2FBOLgdVW%2BJtyN2RMt5XLKHBxCVr7z9TkNqExA4nqhTLUI%2FMDIdUO"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78584551498ab511-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
metameask.com/images/webclip.png
172.67.136.225404 Not Found 681 B URL HTTP/1.1 metameask.com/images/webclip.png
IP 172.67.136.225:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 31e9fc60acd51416a2d46d438f110c87
3f2d477fbc4f31f7c1cdce67fa62b91dbcf3be31
7f5761616dfd681c53b9e4262352899378044d0bae11f301a7190d66bf5a4702
Analyzer Verdict Alert urlquery phishing Phishing - Generic Crypto/Wallet
urlquery phishing Phishing - Generic Crypto/Wallet
GET /images/webclip.png HTTP/1.1
Host: metameask.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mateamask.net/
HTTP/1.1 404 Not Found
Date: Fri, 06 Jan 2023 23:35:33 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: ASP.NET
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hh2hQhqjU4%2FX8JUcXiQeKPVVdBJRElgs1nZS%2BphINEJASNERD7680JfxQVPuOAxc8b7wBD2YjZi0gKu10hhSXTkJIyr801B6AY%2FPxByS6gGYjSoEGYWcqJqyZRS2ejEi"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 785845514caa1bfe-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60