metamask.promo
2606:4700:3035::6815:5ed5  Malicious Activity! Public Scan

URL: http://metamask.promo/
Submission: On May 02 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3035::6815:5ed5, located in United States and belongs to CLOUDFLARENET, US. The main domain is metamask.promo.
This is the only time metamask.promo was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

Requests  IP Address        AS Autonomous System
11        2606:4700:303...  13335 (CLOUDFLAR...)
1         2a06:98c1:312...  13335 (CLOUDFLAR...)
2         2606:4700::68...  13335 (CLOUDFLAR...)
1         2606:4700::68...  13335 (CLOUDFLAR...)
4         2a00:1450:400...  15169 (GOOGLE)
Total: 19 requests, 5 IPs

Requests  Apex Domain     Subdomains                                        Transfer
11        metamask.promo  metamask.promo                                    40 KB
4         gstatic.com     fonts.gstatic.com                                 42 KB
2         jsdelivr.net    cdn.jsdelivr.net — Cisco Umbrella Rank: 574       338 KB
1         cloudflare.com  cdnjs.cloudflare.com — Cisco Umbrella Rank: 341   224 KB
1         swim.claims     swim.claims                                       29 KB
Total: 19 requests, 5 domains

Requests  Domain                Requested by
11        metamask.promo        metamask.promo
4         fonts.gstatic.com     metamask.promo
2         cdn.jsdelivr.net      metamask.promo
1         cdnjs.cloudflare.com  metamask.promo
1         swim.claims           metamask.promo
Total: 19 requests, 5 domains

This site contains links to these domains.

Domain
swim.io
docs.swim.io
discord.com
twitter.com

Subject                Issuer                   Validity                 Valid
sni.cloudflaressl.com  Cloudflare Inc ECC CA-3  2022-04-14 - 2023-04-14  a year
*.gstatic.com          GTS CA 1C3               2022-04-11 - 2022-07-04  3 months

This page contains 1 frames:

Primary Page: http://metamask.promo/
Frame ID: 1705AEADBEB080CBF9B282873A56A46C
Requests: 19 HTTP requests in this frame

Page Title

Swim

Detected technologies

Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

19 Requests
42 % HTTPS
100 % IPv6
5 Domains
5 Subdomains
5 IPs
2 Countries
672 kB Transfer
3030 kB Size
1 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request /
metamask.promo/
24 KB
7 KB
Document
General
Full URL
http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f20b8881fa95ac049cec8f2c9eb9d4efe71fef420adbb943ca62d82fa7127a92

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

CF-Cache-Status
DYNAMIC
CF-RAY
7054766e5b188fe2-FRA
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 02 May 2022 23:16:05 GMT
Last-Modified
Sat, 30 Apr 2022 03:38:27 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RMz1bQXmG4sjC2j%2FUIBcSChMztACP97neCLm8PkhjLGpcUA8w5r0lmRoc12A0kBryELqiDvSkXIfT9IxBCswAFfv7MCrT%2FNHgLIRXsQCc7zzZN8YEfYHhI3Y0hkSGg4%2FU%2BDCFfrnFB6tZF1aSw%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
main.css
metamask.promo/css/
159 KB
18 KB
Stylesheet
General
Full URL
http://metamask.promo/css/main.css
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c996bd1654516e4dfcd47681462d20eb3b711bae92f847da4bd04e29f601450

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:11:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EWrpioIiOsQL7I0WDTrWefS%2FBKWEZnyR%2BMA4cS6hjTZA5WJT2qM0txrkC1B8e%2FAQsX15%2BC3rP%2B6cRe0FF8BziLzkB%2FrbWjFgaAoPAzzjyCBZCM2HAfIsKEchM20oIVp%2F%2FtDIlbV05dcgpxq4tw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766edb828fe2-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
swimlogo.jpeg
swim.claims/
28 KB
29 KB
Image
General
Full URL
https://swim.claims/swimlogo.jpeg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c95602b656e53eada598edb0dec8743a47e9bfb703034d4707d8d05a7a13ec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 23:16:05 GMT
cf-cache-status
MISS
last-modified
Sat, 30 Apr 2022 03:29:36 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2q3bayg9MEY5lsyNoNqzDldA2ltSjARaK%2FxEVes5NrC2L9%2BQDlvHkBiwoRe66rnLdapV0uDcg1arAKQI%2F7jQQ4%2FFX%2BuNukeek6QJFzmwApyxgruFCFjQxatyzyYTsl69yFfj5D2fMcAxdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges
bytes
cf-ray
70547670487c905e-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
28680
question-mark.2446fa68.svg
metamask.promo/img/
1 KB
1 KB
Image
General
Full URL
http://metamask.promo/img/question-mark.2446fa68.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40696c58debdfdb7cd58856536a7a6a9cdc7ef308a0f4c706553790048dddab6

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:11:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LWP4SLt29kFPUvpmwEqxMwhBcrbH9Dd%2BqrVDnyj7QahkHqZLE0P5x%2BfDqGmyTj%2FNo1I8M2F4rMpjZZcvAcFY%2F5yxtuN0hKmxdYQjxzuJiqA7dLXEl1q7rgEDrOZNmHmqJN7inB3%2FMlKaTlqdw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766ef9ce9004-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bulb.c38857e9.svg
metamask.promo/img/
2 KB
1 KB
Image
General
Full URL
http://metamask.promo/img/bulb.c38857e9.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c65274307ab7841a16a4a914d5790d1020726a620a1089f5a67dad6fddb80775

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:11:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=87Jdm2C4zzl5PLMnQT2FUqb%2FkMQLtuZdD4zP4NF0t7%2F2I7Fp9oHc3oj0N64AYx85iVFRjaxrXrxCrS9SkVcpV%2Bgs7yQRyrQdrH2GkoI6ZoHqUCqvFiJY3tqBWiQmzOBA0q8w%2Fzs1C%2BRQFLaplQ%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766efa9c913d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
info.a2fe040d.svg
metamask.promo/img/
1 KB
1 KB
Image
General
Full URL
http://metamask.promo/img/info.a2fe040d.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c90e5c2c7b2b750b8139738f91591127b20fb5f493040448129e42a407f68a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:11:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I6uWFJUjG3L1b54dao6Sv%2B9hh7m2emciwlASD91CXvSxm%2FJQ2%2B6%2FGVBz4MhUqyoGyWCexosk6iLU5BZOAaKIxqowk1%2BwB3ocA3gAmoSKNIgPQbCyxQrcVDuooEJh4UV3hDSElg55UV8Wp5Txsw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766efc2a9b21-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
discord.8f193baa.svg
metamask.promo/img/
5 KB
3 KB
Image
General
Full URL
http://metamask.promo/img/discord.8f193baa.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e36947480ea785062b873aa85958be75e4f156115bdec0412c7b8ceba2082b3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:11:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNYn830r0%2BV%2BGFV0lSdvw9oWcOZ9vJ%2FUq0YF2C4d5IMSn9oF9Oe07CnF2eLdkYaxEtipMl2Y8Z3eboXymkN4WUrsvjLfYQbzC2ORvr97MK8CNG8qcNuMOvQ9CCvlHXRITAE8exdEHtFv697x9A%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766efee0698b-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
twitter.7c73c4a0.svg
metamask.promo/img/
2 KB
2 KB
Image
General
Full URL
http://metamask.promo/img/twitter.7c73c4a0.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
76c3e47fce56b81b95a2b24c7e34107aed136ead38a9d319c9d53799704c6b4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:12:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2vtsO8HulaREiUTxLC3%2FXWqv5J6VPNdtszBt8WBynAusxCvgjIe6l600APLnE8X%2BXJEEypSedgDWXTLKiuUuCKe67FS%2BfrFJSv3sMoL1UA54lDZhBaUdMk9T34yOAQV8zi5Y6%2Bc9DRUig6G2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766f5c999b21-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
twitter-light.svg
metamask.promo/img/
1 KB
1 KB
Image
General
Full URL
http://metamask.promo/img/twitter-light.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df2ddc3657b0b32d54b559821a84ccd9a196f93612e6a5a6a77c128fa899500e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:12:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ofAkvlz8O%2FeJbPw9J4bvnAGlbuz4OuAHt%2BCQJnvuhp%2Bd9btZfawS%2BskHtFIdrUSk5QZKNloL2GouB9DPL7SJyyVYIjkDyHEVKQu9kkkR9vRWv8q8PFxCVsVdOTzxqU5nRAK8sJNYcR9wVV027Q%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766f5b0e913d-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
discord-light.svg
metamask.promo/img/
2 KB
2 KB
Image
General
Full URL
http://metamask.promo/img/discord-light.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cd29fcd28558f2d1a4273dcca8b904b79b4ad2c19c0ce9d096da1e89f292546

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Thu, 17 Mar 2022 13:11:00 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mJ6M4GXEBsgeX%2BHJQKrZ%2FIGa8y%2B6opXadydSSNDioIMye1P2gB2BFEUF92UR%2B5mLq4%2FvQqhj4GUEIv7xPjUQbuiSrL%2FZJ8J02%2BevS1fAysZ%2FhdpY4yLmIvocZ%2FI8OFYSskLJSX8xGNR%2FcVFxHg%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766f5a229004-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
bignumber.min.js
cdn.jsdelivr.net/npm/bignumber.js@9.0.2/
18 KB
9 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/bignumber.js@9.0.2/bignumber.min.js
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2133f8799ab54f646b15ee3ed09a1c38980d7bced826cdc080d3dd894b86fba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 23:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
820530
x-jsd-version
9.0.2
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19124-FRA, cache-cdg20739-CDG
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"49f8-YAVgA2sC9AU0TIVwHM510vO2n68"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=e2E1g8LnSYo5qjz9duCbE7jTD5CmPzwTmWLuOGqlbJNGEg8Slb%2Bjd11evpKxgc4Em3iLgEn6a%2FL8c368vA8fd6yOzgM3RYirvTlzH2Wdz7%2BwbbAvkHdeB9%2BaiLBrUF2ekEqkRTg0HuH3EJ5MEEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
cf-ray
7054766f1b016907-FRA
access-control-expose-headers
*
web3.min.js
cdnjs.cloudflare.com/ajax/libs/web3/1.5.2/
1 MB
224 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/web3/1.5.2/web3.min.js
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e73fa2ca88f5c3477faf0c2786a36c63f9066530b801cc961aeb2445bb6972e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
Origin
http://metamask.promo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 23:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1005587
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
228113
timing-allow-origin
*
last-modified
Sun, 15 Aug 2021 04:06:33 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"611892c9-37b11"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdgJkwL03qEkramXRHx8PXXTvtRArh9nK3Hqh%2F1lMdWvKfrrRD6BG9RN4xFG1Wl5cxvy0LZmvnyTcCYqsE2HMjvrz8XeNTpQ9EJM3qvpHzFn9TM9BkEyl4AIaeAGQZP1lyzXAAjRtnS3VHz%2BsdkKlhMV"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
7054766f1bf691fb-FRA
expires
Sat, 22 Apr 2023 23:16:05 GMT
web3.min.js
cdn.jsdelivr.net/npm/web3@latest/dist/
1 MB
328 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfccb9edd2658df7f22748f618a36f42c45e0320c79b361b0ff7d00be836e1f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 23:16:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
394346
age
6058
x-jsd-version
1.7.3
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains; preload
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19173-FRA, cache-iad-kiad7000129-IAD
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"158e01-aCs8wPYSF3jdF6eDCPxK9pFaHzU"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvQ3%2FVQMQMAJ0NFkieiazopb9dnE55nE8KROe5EoZYFXhj3zmhEcoyy15XT9Ou0fw9nHqaI1oHYNmT4eSG38vHKZRhMaXPM8dSE73BNr5Fla%2F%2FMDd%2BWq7jPxGPLO2FJzQnIdy0Oan8wVrawJsWQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
7054766f1b026907-FRA
script.js
metamask.promo/js/
16 KB
3 KB
Script
General
Full URL
http://metamask.promo/js/script.js
Requested by
Host: metamask.promo
URL: http://metamask.promo/
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
582de4c95b35066cdf1108031e1aa830ada51da880dad3cd8202d5bd8e5831a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
Last-Modified
Sat, 30 Apr 2022 03:30:41 GMT
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wEznoi01rUivFzwZE0a1cJYj%2FR%2FWL5alfPF7qaG2YZ9w0bSTZZ0lQZjbevj4dKvDlCD8AIqDAPwA6VnGP%2B1W6ueS%2FELcNQOw7V%2FPrkhwtz6kK6aHU3bJnlPrfd7VaXtRQ2mRvfyyIPsyja4Cbw%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766efc559162-FRA
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
planet.svg
metamask.promo/img/
315 B
315 B
Image
General
Full URL
http://metamask.promo/img/planet.svg
Requested by
Host: metamask.promo
URL: http://metamask.promo/css/main.css
Protocol
HTTP/1.1
Server
2606:4700:3035::6815:5ed5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5a89e26beae0bc03ad18a0b0d1d3d75f87c32047879d25da11970cb5c4662a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.promo/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Mon, 02 May 2022 23:16:05 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBJAD246S%2F6h5h96sKdzHtuX5z%2B3smWxdt%2FsRw6FUts8wxha374kzNJD%2FciUZuJxVU1tGsRJjJ3VZMOsUKkxVwf16wuznTZfjiyiZ4AdY6KhHmNixqZqEx7yErGT7iregq2mz%2FLw7KIx9eGttA%3D%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/html; charset=iso-8859-1
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
7054766f6cd09162-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v6/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/dmsans/v6/rP2Cp2ywxg089UriASitCBimCw.woff2
Requested by
Host: metamask.promo
URL: http://metamask.promo/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a8e5a0c39f7371f633203c6e77de59b3fff273bc2c1a5df9c1356e6dc24ad92d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://metamask.promo/
Origin
http://metamask.promo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 01:27:52 GMT
x-content-type-options
nosniff
age
337693
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18244
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:00:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 01:27:52 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: metamask.promo
URL: http://metamask.promo/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b0b43e548e691662dac85b1dc159d148a273d5cb9139f3fcf457cdeebe7bdf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://metamask.promo/
Origin
http://metamask.promo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:29:54 GMT
x-content-type-options
nosniff
age
315971
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7832
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:48 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 29 Apr 2023 07:29:54 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: metamask.promo
URL: http://metamask.promo/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41e46faff74c6a77d581689ec35eb040f6c96d17f4d2c5b25dccd42ed498b01c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://metamask.promo/
Origin
http://metamask.promo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 25 Apr 2022 23:29:07 GMT
x-content-type-options
nosniff
age
604018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7900
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:02:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 25 Apr 2023 23:29:07 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: metamask.promo
URL: http://metamask.promo/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://metamask.promo/
Origin
http://metamask.promo
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Mon, 02 May 2022 21:36:03 GMT
x-content-type-options
nosniff
age
6002
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Tue, 02 May 2023 21:36:03 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Crypto (Crypto Exchange)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • object| oncontextlost
  • object| oncontextrestored
  • function| structuredClone
  • number| count
  • function| getRandomInRange
  • function| timeDisp
  • function| BigNumber
  • function| setImmediate
  • function| clearImmediate
  • object| regeneratorRuntime
  • function| Web3
  • function| changeTheme
  • function| writeCookie
  • function| readCookie
  • number| mintnumber
  • number| interval
  • function| foo

1 Cookies

Domain/Path Name / Value
metamask.promo/ Name: mintede
Value: 512

1 Console Messages

Source Level URL
Text
network error URL: http://metamask.promo/img/planet.svg
Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
