metamask-verifications.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://metamask-verifications.web.app/
Effective URL:
https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYh...
Submission: On January 17 via automatic, source phishtank (January 17th 2022, 11:04:45 am UTC) — Scanned from DE

Summary HTTP 52 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 10 IPs in 3 countries across 8 domains to perform 52 HTTP transactions. The main IP is 2620:0:890::100, located in United States and belongs to FASTLY, US. The main domain is metamask-verifications.web.app.
TLS certificate: Issued by GTS CA 1D4 on December 2nd 2021. Valid for: 3 months.

This is the only time metamask-verifications.web.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
26	2620:0:890::100 2620:0:890::100	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:5514	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::ac43:4444	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2600:1901:0:9... 2600:1901:0:94b6::	15169 (GOOGLE) (GOOGLE)
52	10

26 2620:0:890::100 (United States)

ASN54113 (FASTLY, US)

metamask-verifications.web.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:5514 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7baf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::ac43:4444 (United States)

ASN13335 (CLOUDFLARENET, US)

json.geoiplookup.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:1901:0:94b6:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

themeta-4aa0a-default-rtdb.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-usc1c-nss-274.firebaseio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	web.app metamask-verifications.web.app	613 KB
6	firebaseio.com themeta-4aa0a-default-rtdb.firebaseio.com s-usc1c-nss-274.firebaseio.com — Cisco Umbrella Rank: 50063	2 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	805 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 881	13 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 440	51 KB
4	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 47	12 KB
2	geoiplookup.io json.geoiplookup.io — Cisco Umbrella Rank: 38956
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 584	61 KB
52	8

	Domain	Requested by
26	metamask-verifications.web.app	metamask-verifications.web.app
5	s-usc1c-nss-274.firebaseio.com	www.gstatic.com
4	fonts.gstatic.com	fonts.googleapis.com
4	unpkg.com	2 redirects metamask-verifications.web.app
4	cdn.jsdelivr.net	metamask-verifications.web.app
2	json.geoiplookup.io	code.jquery.com
2	fonts.googleapis.com	ajax.googleapis.com
2	www.gstatic.com	metamask-verifications.web.app
2	code.jquery.com	metamask-verifications.web.app
2	ajax.googleapis.com	metamask-verifications.web.app
1	themeta-4aa0a-default-rtdb.firebaseio.com	www.gstatic.com
52	11

This site contains links to these domains. Also see Links.

Domain
metamask.zendesk.com
community.metamask.io
consensys.net
medium.com
docs.metamask.io
chrome.google.com
addons.mozilla.org
microsoftedge.microsoft.com
metamask.github.io
github.com
gitcoin.co
shop.spreadshirt.com
twitter.com

Subject Issuer	Validity	Valid
web.app GTS CA 1D4	`2021-12-02` - `2022-03-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-03` - `2022-07-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
firebaseio.com GTS CA 1D4	`2021-12-07` - `2022-03-07`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
Frame ID: 671260C2C1AA9E284BA7E89CACB80FD3
Requests: 48 HTTP requests in this frame

Frame: https://themeta-4aa0a-default-rtdb.firebaseio.com/.lp?start=t&ser=72016267&cb=1&v=5
Frame ID: E3DED182063481632F34B8CF8CBDFC20
Requests: 5 HTTP requests in this frame

Frame: https://s-usc1c-nss-274.firebaseio.com/.lp?dframe=t&id=718892&pw=OIsLaQDHzO&ns=themeta-4aa0a-default-rtdb
Frame ID: A379AC5DBAD70387E4989A96508BEEFD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaMask Download

Page URL History Show full URLs

https://metamask-verifications.web.app/ Page URL
https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC... Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/(?:([\d.]+)/)?firebase(?:\.min)?\.js
/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Axios (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/axios(@|/)([\d.]+)(?:/[a-z]+)?/axios(?:.min)?\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

52
Requests

96 %
HTTPS

100 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1560 kB
Transfer

3274 kB
Size

1
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://metamask.zendesk.com/hc/en-us
Title: Get Support

Search URL Search Domain Scan URL

URL: https://community.metamask.io/
Title: Community

Search URL Search Domain Scan URL

URL: https://consensys.net/open-roles/?discipline=32543
Title: Careers

Search URL Search Domain Scan URL

URL: https://medium.com/metamask
Title: Blog

Search URL Search Domain Scan URL

URL: https://docs.metamask.io/guide/
Title: Developers

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn?hl=en
Title: Chrome

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/ether-metamask/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/metamask/ejbalbakoplchlghecdalmeeeajnimhm?hl=en-US
Title: Edge

Search URL Search Domain Scan URL

URL: https://consensys.net/privacy-policy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://consensys.net/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://metamask.github.io/metamask-docs/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://github.com/MetaMask/metamask-extension
Title: GitHub

Search URL Search Domain Scan URL

URL: https://gitcoin.co/metamask/
Title: Gitcoin

Search URL Search Domain Scan URL

URL: https://shop.spreadshirt.com/metamask/
Title: Swag Shop

Search URL Search Domain Scan URL

URL: https://metamask.zendesk.com/hc/en-us/requests/new?ticket_form_id=360001539191
Title: Press & Partnerships

Search URL Search Domain Scan URL

URL: https://twitter.com/metamask
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://metamask-verifications.web.app/ Page URL
https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.24.0/dist/axios.min.js

Request Chain 38

https://unpkg.com/axios/dist/axios.min.js HTTP 302
https://unpkg.com/axios@0.24.0/dist/axios.min.js

52 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 / Show response
metamask-verifications.web.app/ 18 KB
4 KB 25ms
8ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00cdbd5df7e27519a51fdee66c37301dde919ccae1f0c7d28fa30404340fff0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "c8a9fada81b22b42a8f12f1fe0cafbd78b3d919437433e67ef3ad920889bb396-br"
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 17 Jan 2022 11:04:40 GMT
x-served-by: cache-hhn4055-HHN
x-cache: HIT
x-cache-hits: 1
x-timer: S1642417481.997630,VS0,VE1
vary: x-fh-requested-host, accept-encoding
content-length: 3402

GET
H2 200 normalize.css
metamask-verifications.web.app/css/ 8 KB
2 KB 10ms
8ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/css/normalize.css

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.029822,VS0,VE1
etag: "3009059d00afc41950715b6f694be256a078388410fd7a6327aa0ef35762ac88-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 2158
x-cache-hits: 1

GET
H2 200 webflow.css
metamask-verifications.web.app/css/ 38 KB
8 KB 10ms
9ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/css/webflow.css

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.029880,VS0,VE1
etag: "a4b0a921465784aea06fe2730abeb30014c377a4d947466daa34b9748febfa96-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 8019
x-cache-hits: 1

GET
H2 200 metamask-staging-2.webflow.css
metamask-verifications.web.app/css/ 138 KB
14 KB 10ms
9ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3108b73a69c0b192be9c206187c2e17949c05805348026599ccadeb2626d88e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.029939,VS0,VE1
etag: "5abaf1ba345c9032f7e6b2327c8659a21c7ddfaffff45835c617906980bc13ba-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 14109
x-cache-hits: 1

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 124ms
36ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:41:06 GMT

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 41ms
24ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://metamask-verifications.web.app/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7222668
x-jsd-version: 5.0.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19180-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cef1aa88c524339-FRA

GET
H2 200 mm-logo.svg
metamask-verifications.web.app/images/ 12 KB
3 KB 35ms
34ms Image
image/svg+xml 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/mm-logo.svg

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.172804,VS0,VE2
etag: "4e3806862235878cb09b8950ad8b3bedc1f5e2b2620f0a1feb541600ec0b3f1e-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 2898
x-cache-hits: 1

GET
H2 200 chrome_1chrome.png
metamask-verifications.web.app/images/ 4 KB
4 KB 34ms
34ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/chrome_1chrome.png

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.172877,VS0,VE1
etag: "a99073dd18c5d73866169f497c0de7092ef49a0f223c554fe3c3b098e1ffa100"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 3890
x-cache-hits: 1

GET
H2 200 Firefox_1Firefox.png
metamask-verifications.web.app/images/ 10 KB
10 KB 34ms
33ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/Firefox_1Firefox.png

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.172968,VS0,VE1
etag: "9b0b21fdf54abe789a27b2f02005fe58f7d2a9d953811f6c195235ab06837526"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 10509
x-cache-hits: 1

GET
H2 200 Brave.png
metamask-verifications.web.app/images/ 19 KB
19 KB 34ms
33ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/Brave.png

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.173035,VS0,VE1
etag: "668a6384c26fff89e46ac7a96439459e419b39614d016c8867fcc3a063419c8a"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 19073
x-cache-hits: 1

GET
H2 200 Edge.png
metamask-verifications.web.app/images/ 34 KB
34 KB 33ms
33ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/Edge.png

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.173101,VS0,VE1
etag: "fb8476660d441350293b0bf0addea4c7b1565af6d5305143ce31534ea5bd9aa7"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 34658
x-cache-hits: 1

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 52ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://metamask-verifications.web.app/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1642417481.dop002.am5.t,1642417481.cds294.am5.hn,1642417481.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 webflow.js Show response
metamask-verifications.web.app/js/ 587 KB
119 KB 40ms
40ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/js/webflow.js

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.140032,VS0,VE1
etag: "b2ec69676e61cdc43b65505f2fb9279ab8ccb9cab180afcf575938c5639fe99e-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 121430
x-cache-hits: 1

GET
H2 200 firebase.js Show response
www.gstatic.com/firebasejs/4.7.0/ 386 KB
387 KB 134ms
39ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 03:20:07 GMT
x-content-type-options: nosniff
age: 459874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 395055
x-xss-protection: 0
last-modified: Thu, 30 Nov 2017 21:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Thu, 12 Jan 2023 03:20:07 GMT

GET
H3 200 uuidv4.min.js Show response
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ 1 KB
1 KB 38ms
26ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9789
x-jsd-version: 8.3.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6cef1aa95c495c20-FRA

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.24.0/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.24.0/dist/axios.min.js

17 KB
6 KB

27ms
26ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.24.0/dist/axios.min.js

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7233048
fly-request-id: 01FJW9CNVMT9N4FTJ5R4ENDR12
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"45b3-NFbQ0Q5mnZV1R20jcsWI1sj3wos"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6cef1aa99d095b6e-FRA

Redirect headers

date: Mon, 17 Jan 2022 11:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSKV0987C9BS5FWXZ332HRTX
server: cloudflare
age: 377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /axios@0.24.0/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cef1aa96c855b6e-FRA
access-control-allow-origin: *

GET
H2 200 allformdata.js Show response
metamask-verifications.web.app/js/ 6 KB
2 KB 35ms
34ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/js/allformdata.js

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a98d53afe17cdc71f7af987f090b977fe3af08f60a926b65d7321fed219f537e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.172702,VS0,VE1
etag: "2ed627c2051e2aaabc6b933a74c63e8330b3895c795225e4a92de2ed78394f1a-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 2074
x-cache-hits: 1

GET
H2 200 css
fonts.googleapis.com/ 752 B
582 B 33ms
33ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 11:01:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 11:04:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jan 2022 11:04:41 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 EuclidCircularB-Regular-WebXL.woff2
metamask-verifications.web.app/fonts/ 44 KB
44 KB 29ms
29ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/fonts/EuclidCircularB-Regular-WebXL.woff2

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.173177,VS0,VE1
etag: "6cce05d3933dab078087694dfd36bd7b9853e6d93985e8e14ae4bcac6d03171c"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 45196
x-cache-hits: 1

GET
H2 200 EuclidCircularB-Bold-WebXL.woff2
metamask-verifications.web.app/fonts/ 44 KB
44 KB 28ms
28ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/fonts/EuclidCircularB-Bold-WebXL.woff2

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417481.173246,VS0,VE1
etag: "1660e12e80b2501fb70eb04c030771fe896b45606787b77098efe24ae7fe6ff4"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 44544
x-cache-hits: 1

GET
H2 200 xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v13/ 8 KB
8 KB 127ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v13/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 05:40:33 GMT
x-content-type-options: nosniff
age: 451448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:39:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 05:40:33 GMT

GET
H2 200 xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v13/ 8 KB
8 KB 127ms
38ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v13/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 11:53:59 GMT
x-content-type-options: nosniff
age: 515442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8364
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:36:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 11:53:59 GMT

GET
H2 403 /
json.geoiplookup.io/ 0
0 90ms
52ms Script
application/javascript 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://json.geoiplookup.io/?callback=jQuery36006135968138141437_1642417481189&_=1642417481190

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: centminmod
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VLLmNsukoZlRpCYDv7XSH7up8qDIukRaQcDctDoEVmi3Bqb8Ucjexiaa%2FtmO56Gbtw5Q46HJzAtBG1F38HOMmKgUEVZpnJFGjdW2QGtR5%2BoQUFSZRCt4R1%2BuGuTksk7Cq29n3VosjaqMap4YkxjiLg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 6cef1aaaf97b4ab5-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H2 200 Primary Request index.html Show response
metamask-verifications.web.app/ 18 KB
3 KB 134ms
134ms Document
text/html 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

00cdbd5df7e27519a51fdee66c37301dde919ccae1f0c7d28fa30404340fff0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/

Response headers

cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "c8a9fada81b22b42a8f12f1fe0cafbd78b3d919437433e67ef3ad920889bb396-br"
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Mon, 17 Jan 2022 11:04:41 GMT
x-served-by: cache-hhn4055-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1642417481.491373,VS0,VE127
vary: x-fh-requested-host, accept-encoding
content-length: 3402

GET
H2 200 normalize.css
metamask-verifications.web.app/css/ 8 KB
2 KB 9ms
8ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/css/normalize.css

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.643544,VS0,VE0
etag: "3009059d00afc41950715b6f694be256a078388410fd7a6327aa0ef35762ac88-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 2158
x-cache-hits: 2

GET
H2 200 webflow.css
metamask-verifications.web.app/css/ 38 KB
8 KB 11ms
10ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/css/webflow.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.643672,VS0,VE0
etag: "a4b0a921465784aea06fe2730abeb30014c377a4d947466daa34b9748febfa96-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 8019
x-cache-hits: 2

GET
H2 200 metamask-staging-2.webflow.css
metamask-verifications.web.app/css/ 138 KB
14 KB 10ms
9ms Stylesheet
text/css 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3108b73a69c0b192be9c206187c2e17949c05805348026599ccadeb2626d88e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.643694,VS0,VE0
etag: "5abaf1ba345c9032f7e6b2327c8659a21c7ddfaffff45835c617906980bc13ba-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/css; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 14109
x-cache-hits: 2

GET
H3 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
5 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 17:41:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 408215
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 12 Jan 2023 17:41:06 GMT

GET
H3 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
24 KB 34ms
22ms Stylesheet
text/css 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://metamask-verifications.web.app/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7222668
x-jsd-version: 5.0.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19180-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6cef1aac5dc62c01-FRA

GET
H2 200 mm-logo.svg
metamask-verifications.web.app/images/ 12 KB
3 KB 13ms
11ms Image
image/svg+xml 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/mm-logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.726430,VS0,VE0
etag: "4e3806862235878cb09b8950ad8b3bedc1f5e2b2620f0a1feb541600ec0b3f1e-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 2898
x-cache-hits: 2

GET
H2 200 chrome_1chrome.png
metamask-verifications.web.app/images/ 4 KB
4 KB 12ms
11ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/chrome_1chrome.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.726534,VS0,VE0
etag: "a99073dd18c5d73866169f497c0de7092ef49a0f223c554fe3c3b098e1ffa100"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 3890
x-cache-hits: 2

GET
H2 200 Firefox_1Firefox.png
metamask-verifications.web.app/images/ 10 KB
10 KB 14ms
13ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/Firefox_1Firefox.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.726599,VS0,VE0
etag: "9b0b21fdf54abe789a27b2f02005fe58f7d2a9d953811f6c195235ab06837526"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 10509
x-cache-hits: 2

GET
H2 200 Brave.png
metamask-verifications.web.app/images/ 19 KB
19 KB 14ms
13ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/Brave.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.726664,VS0,VE0
etag: "668a6384c26fff89e46ac7a96439459e419b39614d016c8867fcc3a063419c8a"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 19073
x-cache-hits: 2

GET
H2 200 Edge.png
metamask-verifications.web.app/images/ 34 KB
34 KB 14ms
13ms Image
image/png 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://metamask-verifications.web.app/images/Edge.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.726724,VS0,VE0
etag: "fb8476660d441350293b0bf0addea4c7b1565af6d5305143ce31534ea5bd9aa7"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: image/png
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 34658
x-cache-hits: 2

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 17ms
17ms Script
application/javascript 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://metamask-verifications.web.app/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: gzip
last-modified: Tue, 02 Mar 2021 17:27:20 GMT
server: nginx
etag: W/"603e7578-15d9d"
vary: Accept-Encoding
x-hw: 1642417481.dop002.am5.t,1642417481.cds294.am5.hn,1642417481.cds007.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 webflow.js Show response
metamask-verifications.web.app/js/ 587 KB
119 KB 9ms
8ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/js/webflow.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.710168,VS0,VE0
etag: "b2ec69676e61cdc43b65505f2fb9279ab8ccb9cab180afcf575938c5639fe99e-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 121430
x-cache-hits: 2

GET
H3 200 firebase.js Show response
www.gstatic.com/firebasejs/4.7.0/ 386 KB
386 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 03:20:07 GMT
x-content-type-options: nosniff
age: 459874
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 395055
x-xss-protection: 0
last-modified: Thu, 30 Nov 2017 21:30:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="firebase-js"
expires: Thu, 12 Jan 2023 03:20:07 GMT

GET
H3 200 uuidv4.min.js Show response
cdn.jsdelivr.net/npm/uuid@latest/dist/umd/ 1 KB
1 KB 24ms
23ms Script
application/javascript 2606:4700::6810:5514
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/uuid@latest/dist/umd/uuidv4.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 9789
x-jsd-version: 8.3.2
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19174-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"556-Wdn/VD6mBE6EvolddgVB6g4Ez5g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6cef1aaccd7e5c20-FRA

GET
H2

200

axios.min.js Show response
unpkg.com/axios@0.24.0/dist/
Redirect Chain

https://unpkg.com/axios/dist/axios.min.js
https://unpkg.com/axios@0.24.0/dist/axios.min.js

17 KB
6 KB

19ms
19ms

Script
application/javascript

2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/axios@0.24.0/dist/axios.min.js

Requested by

Protocol

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7233048
fly-request-id: 01FJW9CNVMT9N4FTJ5R4ENDR12
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"45b3-NFbQ0Q5mnZV1R20jcsWI1sj3wos"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 6cef1aad1cef5b6e-FRA

Redirect headers

date: Mon, 17 Jan 2022 11:04:41 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01FSKV0987C9BS5FWXZ332HRTX
server: cloudflare
age: 377
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /axios@0.24.0/dist/axios.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6cef1aaccc445b6e-FRA
access-control-allow-origin: *

GET
H2 200 allformdata.js Show response
metamask-verifications.web.app/js/ 6 KB
2 KB 13ms
11ms Script
text/javascript 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/js/allformdata.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a98d53afe17cdc71f7af987f090b977fe3af08f60a926b65d7321fed219f537e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/index.html?session=p2MYblzSKa3k7qcFi36NdZX1IV6X7quzHcoOskLyEfo0n9EyKVS9QkHBC4wl1ACbOh4Rm3np6zdYhCunJ2oqi9lTzVF64Aa65DSRpEkffpvB5eOBUlsZOYzmtCbaEq20chVE5laXYlNksVeyVs4Xb9R4RfzlzfyAeB5PVc2Xuvohc2FBT4Ppk6BLl9dosOvxpgHyalbn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.726334,VS0,VE0
etag: "2ed627c2051e2aaabc6b933a74c63e8330b3895c795225e4a92de2ed78394f1a-br"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: text/javascript; charset=utf-8
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 2074
x-cache-hits: 2

GET
H3 200 css
fonts.googleapis.com/ 752 B
329 B 31ms
30ms Stylesheet
text/css 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 17 Jan 2022 10:28:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 17 Jan 2022 11:04:41 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 17 Jan 2022 11:04:41 GMT

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 EuclidCircularB-Regular-WebXL.woff2
metamask-verifications.web.app/fonts/ 44 KB
44 KB 12ms
12ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/fonts/EuclidCircularB-Regular-WebXL.woff2

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.730338,VS0,VE0
etag: "6cce05d3933dab078087694dfd36bd7b9853e6d93985e8e14ae4bcac6d03171c"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 45196
x-cache-hits: 2

GET
H2 200 EuclidCircularB-Bold-WebXL.woff2
metamask-verifications.web.app/fonts/ 44 KB
44 KB 15ms
15ms Font
font/woff2 2620:0:890::100
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask-verifications.web.app/fonts/EuclidCircularB-Bold-WebXL.woff2

Requested by

Host: metamask-verifications.web.app
URL: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:0:890::100 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Referer: https://metamask-verifications.web.app/css/metamask-staging-2.webflow.css
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
last-modified: Thu, 13 Jan 2022 20:05:32 GMT
x-timer: S1642417482.730430,VS0,VE0
etag: "1660e12e80b2501fb70eb04c030771fe896b45606787b77098efe24ae7fe6ff4"
x-served-by: cache-hhn4055-HHN
vary: x-fh-requested-host, accept-encoding
x-cache: HIT
content-type: font/woff2
cache-control: max-age=3600
date: Mon, 17 Jan 2022 11:04:41 GMT
accept-ranges: bytes
content-length: 44544
x-cache-hits: 2

GET
H3 200 xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v13/ 8 KB
8 KB 68ms
22ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v13/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 12 Jan 2022 05:40:33 GMT
x-content-type-options: nosniff
age: 451448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:39:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 12 Jan 2023 05:40:33 GMT

GET
H3 200 xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v13/ 8 KB
8 KB 69ms
23ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v13/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metamask-verifications.web.app
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 11 Jan 2022 11:53:59 GMT
x-content-type-options: nosniff
age: 515442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8364
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:36:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 11 Jan 2023 11:53:59 GMT

GET
H3 403 /
json.geoiplookup.io/ 0
0 98ms
84ms Script
application/javascript 2606:4700:20::ac43:4444
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://json.geoiplookup.io/?callback=jQuery36003898390609388176_1642417481734&_=1642417481735

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-3.6.0.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::ac43:4444 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / centminmod

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 17 Jan 2022 11:04:41 GMT
content-encoding: br
x-content-type-options: nosniff, nosniff
cf-cache-status: BYPASS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: centminmod
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPpANf%2FpqCIyMA32MwRa90jLJJe8cwDrPcd5ABcfvX4j9XEf2K3sTaHpvoFNdt8tFCcB51rUFKMpxZK9eIlBQ80wQciBFk9rYORdl02Mtw%2Bf9qdZX8rgeZxEtrF%2BKlzGGU2cdPTTUxpQSRJZ0A7wYtg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cf-ray: 6cef1aadf9a6697f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK .lp Show response
themeta-4aa0a-default-rtdb.firebaseio.com/ Frame E3DE 421 B
663 B 246ms
116ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://themeta-4aa0a-default-rtdb.firebaseio.com/.lp?start=t&ser=72016267&cb=1&v=5

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

1af06941425e8819bb5962a1cf4c2326f90e2b88cd8147e51bb0e82061e5c3dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 11:04:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 421
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-274.firebaseio.com/ Frame A379 419 B
648 B 291ms
115ms Document
text/html 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-274.firebaseio.com/.lp?dframe=t&id=718892&pw=OIsLaQDHzO&ns=themeta-4aa0a-default-rtdb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

0616005f0bf695ae25fbc7082d035771e2002825ad5a798a7dbabb9e537eb7a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/

Response headers

Server: nginx
Date: Mon, 17 Jan 2022 11:04:42 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 419
Connection: keep-alive
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-274.firebaseio.com/ Frame E3DE 15 B
256 B 289ms
115ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-274.firebaseio.com/.lp?id=718892&pw=OIsLaQDHzO&ser=61257196&ns=themeta-4aa0a-default-rtdb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 11:04:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 15
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-274.firebaseio.com/ Frame E3DE 58 B
299 B 289ms
115ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-274.firebaseio.com/.lp?id=718892&pw=OIsLaQDHzO&ser=61257197&ns=themeta-4aa0a-default-rtdb&seg0=0&ts0=1&d0=eyJ0IjoiZCIsImQiOnsiciI6MSwiYSI6InMiLCJiIjp7ImMiOnsic2RrLmpzLjQtNy0wIjoxfX19fQ..

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 11:04:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 58
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-274.firebaseio.com/ Frame E3DE 47 B
288 B 444ms
444ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-274.firebaseio.com/.lp?id=718892&pw=OIsLaQDHzO&ser=61257198&ns=themeta-4aa0a-default-rtdb

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ed3730b3270061a92ba848032606b5ad11fba8990e1e02d6f8ef8da54a6237cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 11:04:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 47
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK .lp Show response
s-usc1c-nss-274.firebaseio.com/ Frame E3DE 38 B
279 B 121ms
121ms Script
application/javascript 2600:1901:0:94b6::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s-usc1c-nss-274.firebaseio.com/.lp?id=718892&pw=OIsLaQDHzO&ser=61257199&ns=themeta-4aa0a-default-rtdb&seg0=1&ts0=1&d0=eyJ0IjoiYyIsImQiOnsidCI6Im4iLCJkIjp7fX19

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/4.7.0/firebase.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

2600:1901:0:94b6:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

ab9a7570dfdadce87d8a7dc2f43587cba2c28e951c6bd9fd9176c5a175a85b20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metamask-verifications.web.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 17 Jan 2022 11:04:42 GMT
Server: nginx
Connection: keep-alive
Content-Length: 38
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Content-Type: application/javascript; charset=utf-8

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.geoiplookup.io/	1970-01-20 00:13:39	Name: __cf_bm Value: mZR7kyb_b1IHQxSxUyjGesVAiMpYNlsJMEXm7mXMLkQ-1642417481-0-AeN8r8BSTlLIOoPc+IN23s4CwBbxZtP9Kw8viMUWso1UlRm/4NOJkgJ4ld20Cp461lh4VSMQBdKmDo5UiQ7/Blg=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://json.geoiplookup.io/?callback=jQuery36006135968138141437_1642417481189&_=1642417481190 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://json.geoiplookup.io/?callback=jQuery36003898390609388176_1642417481734&_=1642417481735 Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.jsdelivr.net
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
json.geoiplookup.io
metamask-verifications.web.app
s-usc1c-nss-274.firebaseio.com
themeta-4aa0a-default-rtdb.firebaseio.com
unpkg.com
www.gstatic.com
2001:4de0:ac18::1:a:1b
2600:1901:0:94b6::
2606:4700:20::ac43:4444
2606:4700::6810:5514
2606:4700::6810:7baf
2620:0:890::100
2a00:1450:4001:80f::2003
2a00:1450:4001:828::200a
2a00:1450:4001:830::2003
00cdbd5df7e27519a51fdee66c37301dde919ccae1f0c7d28fa30404340fff0b
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
0616005f0bf695ae25fbc7082d035771e2002825ad5a798a7dbabb9e537eb7a8
0bb0c326dfc33136ad88e7454f06d22398a75f57f5eef79a30b218c171136f0d
1af06941425e8819bb5962a1cf4c2326f90e2b88cd8147e51bb0e82061e5c3dc
3108b73a69c0b192be9c206187c2e17949c05805348026599ccadeb2626d88e2
3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407
3d14e96bd08692f39b357173c908dcb0b21ee11d0bdb29b963ce7fcc836eb4fd
423767983a6400d05704c2dc21b33d91e6526705a27c84adc142f30f44f02f0f
4bbb806e743e21bc9f97b62fc0564e0889b7f31ee9d48c3f2b85d4e00fe629cc
52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3
a98d53afe17cdc71f7af987f090b977fe3af08f60a926b65d7321fed219f537e
ab9a7570dfdadce87d8a7dc2f43587cba2c28e951c6bd9fd9176c5a175a85b20
aed6ac78b8249a9c7cff0030f3b921ee9f771cb1684164f3e679e1023a4d5c69
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
ed3730b3270061a92ba848032606b5ad11fba8990e1e02d6f8ef8da54a6237cf
ef824052cc54e24358011a6d1f363813e99264883d6a019f5c98f75e43f78dc9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

metamask-verifications.web.app Open in urlscan Pro 2620:0:890::100 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

52 Requests

96 %HTTPS

100 %IPv6

8 Domains

11 Subdomains

10 IPs

3 Countries

1560 kBTransfer

3274 kBSize

1 Cookies

16 Outgoing links

Page URL History

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

metamask-verifications.web.app Open in urlscan Pro
2620:0:890::100 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

96 %
HTTPS

100 %
IPv6

8
Domains

11
Subdomains

10
IPs

3
Countries

1560 kB
Transfer

3274 kB
Size

1
Cookies

52 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!