metaxmask.io Open in urlscan Pro
104.21.19.171 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://metaxmask.io/web/start/index.php
Submission: On October 01 via manual (October 1st 2021, 6:38:53 am UTC) from NL — Scanned from DE

Summary HTTP 51 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 2 countries across 10 domains to perform 51 HTTP transactions. The main IP is 104.21.19.171, located in and belongs to CLOUDFLARENET, US. The main domain is metaxmask.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on September 30th 2021. Valid for: a year.

This is the only time metaxmask.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
26	104.21.19.171 104.21.19.171	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
1	185.199.108.153 185.199.108.153	54113 (FASTLY) (FASTLY)
1	142.250.186.74 142.250.186.74	15169 (GOOGLE) (GOOGLE)
1	104.16.90.50 104.16.90.50	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
11	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
1	142.250.185.132 142.250.185.132	15169 (GOOGLE) (GOOGLE)
1	142.250.186.129 142.250.186.129	15169 (GOOGLE) (GOOGLE)
1	216.58.212.182 216.58.212.182	15169 (GOOGLE) (GOOGLE)
2	216.58.212.131 216.58.212.131	15169 (GOOGLE) (GOOGLE)
51	14

26 104.21.19.171 (None, )

ASN13335 (CLOUDFLARENET, US)

metaxmask.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.199.108.153 (United States)

ASN54113 (FASTLY, US)
PTR: cdn-185-199-108-153.github.com

metamask.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.74 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.90.50 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.embedly.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.78 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.132 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f1.1e100.net

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.182 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f22.1e100.net

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.131 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	metaxmask.io metaxmask.io	1 MB
11	youtube.com www.youtube.com	728 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	49 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net static.doubleclick.net	1 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
1	ytimg.com i.ytimg.com	82 KB
1	ggpht.com yt3.ggpht.com	3 KB
1	google.com www.google.com	14 KB
1	embedly.com cdn.embedly.com	99 KB
1	metamask.io metamask.io	12 KB
51	10

	Domain	Requested by
26	metaxmask.io	metaxmask.io
11	www.youtube.com	cdn.embedly.com www.youtube.com
3	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
2	www.gstatic.com	www.youtube.com www.gstatic.com
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	cdn.embedly.com	metaxmask.io
1	fonts.googleapis.com	ajax.googleapis.com
1	metamask.io	metaxmask.io
1	ajax.googleapis.com	metaxmask.io
51	13

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-30` - `2022-09-29`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
metamask.io R3	`2021-08-25` - `2021-11-23`	3 months	crt.sh
*.embedly.com Sectigo RSA Domain Validation Secure Server CA	`2021-09-09` - `2022-10-10`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2021-08-30` - `2021-11-22`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://metaxmask.io/web/start/index.php
Frame ID: D4107486384BDDE6148479C2724C3E46
Requests: 31 HTTP requests in this frame

Frame: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FYVgfHZMFFFQ%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DYVgfHZMFFFQ&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FYVgfHZMFFFQ%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube
Frame ID: 48655AF1E17F9CB5B7E7CCAA62D25B87
Requests: 3 HTTP requests in this frame

Frame: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Frame ID: A35ECA721DEAED92BEE473ABCBF0FFCA
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaxMaskt

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

51
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

14
IPs

2
Countries

2384 kB
Transfer

5940 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

51 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
metaxmask.io/web/start/ 13 KB
4 KB 151ms
123ms Document
text/html 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6470a6800e4cd4cae28c7565468aa6f7d881d4f8b33cf5b18e4e1af8e4f6a2f8

Request headers

:method: GET
:authority: metaxmask.io
:scheme: https
:path: /web/start/index.php
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FQZ4NjEYnc2GQ9FAxeU0FjyIBK253QDm1lzMsN31%2B2qHNc02dhowvdOeqTYhB8s07YuXeLt4WYFuNlbaaBELBYMMOMNeEzes7TTqC6GcF3s0YteG8NPp22nhM%2F4Ye1Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6973b0aefb9b3244-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 normalize.css
metaxmask.io/web/start/css/ 8 KB
3 KB 19ms
18ms Stylesheet
text/css 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/css/normalize.css
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

:path: /web/start/css/normalize.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:09 GMT
server: cloudflare
age: 3147
etag: W/"6155a4ad-1e5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rvdz2nSWmWQ2RFFDz2opDsEo%2Bd0oTA7JvHi6blE1leYt2kwphjuoYvKpFkm%2BUN19pr3NJTCpO6thUtHWQ1FRWMck7PPFTEFiOhiLOm1RUoIwzWJR8nWDW8rgxw5xCiY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0afec8b3244-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 webflow.css
metaxmask.io/web/start/css/ 38 KB
10 KB 22ms
21ms Stylesheet
text/css 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/css/webflow.css
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6

Request headers

:path: /web/start/css/webflow.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:10 GMT
server: cloudflare
age: 3147
etag: W/"6155a4ae-988f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgtlZABKO0hdTdud5Avvmrav99KVeJyjzkwaV45nPVNg%2B7rb7V5gdSIVZVaggRReqtoOO%2F4G0iRGHDtC%2FnCxGS90TZUp114YqlLeUf2b9btxd1T0BIsvW6m%2BJYnT0Q0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0afec8e3244-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 metamask-staging-2.webflow.css
metaxmask.io/web/start/css/ 104 KB
15 KB 22ms
21ms Stylesheet
text/css 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2132ad0d18519aec7045b776812b85146fd30773e4e79de6ddfb32c67ac2cdc0

Request headers

:path: /web/start/css/metamask-staging-2.webflow.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:10 GMT
server: cloudflare
age: 3147
etag: W/"6155a4ae-1a09a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0ucN0ATK6SPXYMCPwi0Er6vCTc5gUtO5NoQNEmNB2iz3RY6GcflzkCbmTmVsKWrLEUSvBSF3uFu3cMBOetfX0lXJPT%2BY3dyeTNaIce6lJ6tGtqnGMHiHMNB4VNQv93w%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0afec8f3244-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 48ms
14ms Script
text/javascript 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:40:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61125
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Fri, 30 Sep 2022 13:40:03 GMT

GET
H3 200 invisible.js Show response
metaxmask.io/cdn-cgi/challenge-platform/h/g/scripts/ 44 KB
16 KB 113ms
112ms Script
text/javascript 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9b131e172ecf5db5b4876182d40640ecfa0633c92a4891cfe95f4b5b62bf13c3

Request headers

:path: /cdn-cgi/challenge-platform/h/g/scripts/invisible.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LhL9fDITgx7yEH0Uyx1eU%2FZogm7PUjBqaNpy4rlRJFXxHIAiL3y99q%2FOllTVTi6IW5NpfB0kys7umVsraUtDnmH9BUpZWUqlAUU%2Fn69m9NQt2I63B6SPz0dVx1zoQ14%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6973b0b038ae5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 mm-logo.svg
metaxmask.io/web/start/images/ 12 KB
4 KB 97ms
95ms Image
image/svg+xml 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/mm-logo.svg
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

:path: /web/start/images/mm-logo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:17 GMT
server: cloudflare
age: 3147
etag: W/"6155a4b5-2ef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tS8Ln9R4vI%2BWxHHHNQoyDEgu2z3Vox5xselBKSoe%2B99fGIWoLvDLyTwAAmnH7b%2F%2Ft8tLnreyU%2F27BhAjDXNFOus7gXLWW2xkSv9wDHuN09Lm%2BR4Q%2FwDylEuyqi%2BDQXU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b038b15bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 social-35.svg
metaxmask.io/web/start/images/ 589 B
944 B 22ms
20ms Image
image/svg+xml 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/social-35.svg
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1c8eeaba26b242b094ad1fbc6ca9d169e784047c14d14fc043c0bc646f5ef009

Request headers

:path: /web/start/images/social-35.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:18 GMT
server: cloudflare
age: 3146
etag: W/"6155a4b6-24d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JwV2Fplc3OsgXaLH0GkbB%2B1QZ1xGoldfc3p2xmi7foPmivqSU4Zq%2FBtmAcYgK%2BZuo%2FrJZcs62hQoDukdi77YewfD9uQ9yiLv3e82hCxX88m4BQvSquMp7%2BzdnIcgri8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b038b35bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 wallet-illo.svg
metaxmask.io/web/start/images/ 36 KB
12 KB 21ms
19ms Image
image/svg+xml 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/wallet-illo.svg
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d

Request headers

:path: /web/start/images/wallet-illo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:19 GMT
server: cloudflare
age: 3146
etag: W/"6155a4b7-8e55"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O9Ih%2FtYJsNrKTSEjsRHdJeDtgqV0ycs1pYmR1fIXaGwDBs%2F%2BlEKaLqM841nFxoD16deFfTQ6axQtaA%2FSTD7Q46VeQXRfFBNCfLgDZrIKppyQfPcdT19iOaSILKAWYWw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b038b45bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 Explore-illo.svg
metaxmask.io/web/start/images/ 36 KB
13 KB 98ms
96ms Image
image/svg+xml 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/Explore-illo.svg
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5

Request headers

:path: /web/start/images/Explore-illo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:17 GMT
server: cloudflare
age: 3146
etag: W/"6155a4b5-8fe3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X%2BFrskpBoqm0ukzP1eSUw%2BFFNc18nwhcITdR5cESa3rJ5A%2F6OX9VAEb2Apw7PvFQ%2BjdfpDlohWw%2BLfZleMFqP5oVki5UcRMbnCOikZAYXt%2BmRWx%2FLL8IDI11lB2CT6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b038b55bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 Browse-illo.svg
metaxmask.io/web/start/images/ 28 KB
11 KB 22ms
20ms Image
image/svg+xml 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/Browse-illo.svg
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13

Request headers

:path: /web/start/images/Browse-illo.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:14 GMT
server: cloudflare
age: 3146
etag: W/"6155a4b2-6e04"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnZ2iMjgqInZI7Z%2BINkTu1Hp888UJrnS0vWHky%2FJL%2FaoAE8xYyZCW05FMIPh9cnxqG8T1%2BdA84zMj0eDsnVSnqWpSKpbB4LLL1%2FKzw5iYQeNVYn1g9DDoR%2B7b%2B2%2BEGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b038b65bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 logo.js Show response
metamask.io/ 45 KB
12 KB 43ms
17ms Script
application/javascript 185.199.108.153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io/logo.js
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.199.108.153 , United States, ASN54113 (FASTLY, US),
Reverse DNS: cdn-185-199-108-153.github.com
Software: GitHub.com /
Resource Hash: 6137618d3823a779dd702a546f64a767860341256ed661e1204b2dbdfc680ef4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-fastly-request-id: 01989878427d8b891d00ac65f824638382ae6618
date: Fri, 01 Oct 2021 06:38:49 GMT
content-encoding: gzip
age: 514
x-cache: HIT
content-length: 11490
x-served-by: cache-fra19182-FRA
access-control-allow-origin: *
last-modified: Thu, 30 Sep 2021 18:12:32 GMT
server: GitHub.com
x-github-request-id: 7C0A:D556:111207:11846D:6155FE22
x-timer: S1633070329.176821,VS0,VE1
etag: W/"6155fe10-b430"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
expires: Thu, 30 Sep 2021 18:22:50 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
H3 200 dapp-aave.png
metaxmask.io/web/start/images/ 14 KB
15 KB 85ms
83ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-aave.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55

Request headers

:path: /web/start/images/dapp-aave.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14347
last-modified: Thu, 30 Sep 2021 11:51:15 GMT
server: cloudflare
etag: "6155a4b3-380b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9MEj%2FpvYj2iRy%2BGEjDXl0RFAGfplf4b%2B12sGYSdGoCuCgqMd2Hti1xWYyWvSK4V98WQ%2FDEVHpg0SJSpyyKM3antF8TqmmcmBnedYT2Kkch%2FjMVO8nsdpIgYa4lxl6D8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038b85bf9-FRA

GET
H3 200 dapp-axieinfinity.png
metaxmask.io/web/start/images/ 42 KB
42 KB 93ms
92ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-axieinfinity.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421

Request headers

:path: /web/start/images/dapp-axieinfinity.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 42713
last-modified: Thu, 30 Sep 2021 11:51:15 GMT
server: cloudflare
etag: "6155a4b3-a6d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iyL42gN4SsOHioX1o0bXjaIe1i51AKZhCm8rt0wg3RCCLBGguPY8es5JRGeBn6%2BPG6mwcIQu%2FMFdMOo7E2ZPTX06qo3ZgdneEj0GGW4Mml6NYEOb15jz2rTulHi92gw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038bb5bf9-FRA

GET
H3 200 dapp-compound.png
metaxmask.io/web/start/images/ 11 KB
12 KB 85ms
83ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-compound.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76

Request headers

:path: /web/start/images/dapp-compound.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11355
last-modified: Thu, 30 Sep 2021 11:51:15 GMT
server: cloudflare
etag: "6155a4b3-2c5b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1c%2B7jjIYqmG5zS%2FeCJhBFK9lPA0VujeI%2Bd8Ey5TpZp7Q40hSXkfI%2FQbq6Fes9BnafSr83LENf%2B0uVctpXPud0H%2F4%2BAZXUrkvsnWF65YvzTuuqDjpngePoNT2vc88ZR0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038bd5bf9-FRA

GET
H3 200 dapp-gitcoin.png
metaxmask.io/web/start/images/ 8 KB
8 KB 85ms
83ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-gitcoin.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43

Request headers

:path: /web/start/images/dapp-gitcoin.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7998
last-modified: Thu, 30 Sep 2021 11:51:16 GMT
server: cloudflare
etag: "6155a4b4-1f3e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UZ%2BvRfJUZ0BtbHcxIfGo5nPZMG3NFFMMFbrjb9tHRmwJxIoKqqPSEAmlH%2FI7I%2Fi8CuT03VLCHWbSW8ieM%2F1YxJBmQrR4HBnDO91ZQ1oHiRZyaPktkGrzYQheOk9ndkg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038be5bf9-FRA

GET
H3 200 dapp-maker.png
metaxmask.io/web/start/images/ 7 KB
7 KB 99ms
97ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-maker.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96

Request headers

:path: /web/start/images/dapp-maker.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6852
last-modified: Thu, 30 Sep 2021 11:51:16 GMT
server: cloudflare
etag: "6155a4b4-1ac4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jmI7oVUGCDN0ICTzAp9SqJpaZKS1AUw5AkfhBga21UUs5%2F7XGMZhs4pufwx58kRwMG8eM76v3cSjt1ADwqGYqDRDrsW79RNN%2FDDhfo0tcuGoXdAoZqmRACOC47ViE1M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038bf5bf9-FRA

GET
H3 200 dapp-opensea.png
metaxmask.io/web/start/images/ 6 KB
7 KB 34ms
33ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-opensea.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116

Request headers

:path: /web/start/images/dapp-opensea.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6533
last-modified: Thu, 30 Sep 2021 11:51:16 GMT
server: cloudflare
etag: "6155a4b4-1985"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wlaGSh33fodJXAFRz%2BMWzebOmMLYpnkjx0VhtS7%2BuPDHPiSNggWhDqYbfifkdhfebfkAD6PKY5cD%2FpJ6bnbeHI2eMJ%2BFMNIGgDy3hjU3%2F%2B7T1Wf%2BQU0dCJxKwjARlWE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038c05bf9-FRA

GET
H3 200 dapp-rarible.png
metaxmask.io/web/start/images/ 7 KB
7 KB 86ms
85ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-rarible.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c

Request headers

:path: /web/start/images/dapp-rarible.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 6840
last-modified: Thu, 30 Sep 2021 11:51:16 GMT
server: cloudflare
etag: "6155a4b4-1ab8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tqyaZMfPKXA7OVtlogtbcNBM0HuEZ8wk4bqxYiv9PSmk4ZUuJ63GeYsN%2BoH59oJheEaKw5szIZ5UUZ8hR%2FiF5Y8TOXcTgLrN5cP9zK%2BgEo%2BuG8YfY3201MNmVES6zoI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038c35bf9-FRA

GET
H3 200 dapp-uniswap.png
metaxmask.io/web/start/images/ 10 KB
11 KB 92ms
91ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/dapp-uniswap.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b

Request headers

:path: /web/start/images/dapp-uniswap.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10268
last-modified: Thu, 30 Sep 2021 11:51:16 GMT
server: cloudflare
etag: "6155a4b4-281c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbZaczYbtg%2Feu2l8j2Lj1n8TkShsYD4xAQJLzd3gDnR%2F50%2B1RpXVzlySSCj7vqWITdLlwgr91XS1bhGW7sJGfHVj1wbJ9CYtlWFNqJ6BhW5oh7f2x01RpambTe95RKw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038c65bf9-FRA

GET
H3 200 mm-shop-hoodie.png
metaxmask.io/web/start/images/ 242 KB
243 KB 87ms
86ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/mm-shop-hoodie.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ead4f9f5e42c4ad7ffd754811836a324116e4960c847d298a319f9aa01734dc5

Request headers

:path: /web/start/images/mm-shop-hoodie.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 248235
last-modified: Thu, 30 Sep 2021 11:51:18 GMT
server: cloudflare
etag: "6155a4b6-3c9ab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gmi88qQea7xzyhpAdpA3TYzRsmzmSYPErk%2FDyWU5E5Y6Z%2Fyw0fBRMi%2BbZoCbZdzd16EwmM7fllYgYVLmMcwo%2FzTN0sO5Ber6oXdjz%2BzoHj5fm4Ftbtm6dnGpgCqqWkk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038c75bf9-FRA

GET
H3 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
metaxmask.io/web/start/js/ 87 KB
32 KB 19ms
19ms Script
application/javascript 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/js/jquery-3.5.1.min.dc5e7f18c8.js?site=604ec65d7935b45ce251b35e
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

:path: /web/start/js/jquery-3.5.1.min.dc5e7f18c8.js?site=604ec65d7935b45ce251b35e
pragma: no-cache
origin: https://metaxmask.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://metaxmask.io/web/start/index.php
Origin: https://metaxmask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:20 GMT
server: cloudflare
age: 3147
etag: W/"6155a4b8-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tyoy7E8aCwEQFzR9qIETMbzAeoLtnfVeOzFSSMCfd%2FiCAyRpOKZtoYsPMwPyWaof%2BCkv%2Bth0DcaP9WyIzdbtxqFjiGqmaJ22YFsdmxYKtSWYg4Ou5cdAxuMtAnAq7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b0389c5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 webflow.js Show response
metaxmask.io/web/start/js/ 1 MB
243 KB 54ms
53ms Script
application/javascript 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/js/webflow.js
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb22777e2c174528592bc140ef59ad6209a65564bbbe8972a0cc8202ccca64e9

Request headers

:path: /web/start/js/webflow.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:21 GMT
server: cloudflare
age: 3147
etag: W/"6155a4b9-12e6ff"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UqfPMSreGydar1SV4kzuf67trkXZ4SMYRjX0As%2BAbVVnZivA4qETcXyQvV8swZZbMXc1mWcgHPL2RE23M9JoN5mU4oogsOWMZ0hzNLkBEJZokL0VFlDOxdri6yXrd%2Bw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6973b0b038a95bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 752 B
1 KB 40ms
15ms Stylesheet
text/css 142.250.186.74
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.74 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f10.1e100.net

Software

ESF /

Resource Hash

3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 01 Oct 2021 04:50:20 GMT
server: ESF
date: Fri, 01 Oct 2021 06:38:48 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8iraMxxUfRnRum-EGst9UuHcPNVSf9Kp1_90wIgU"
expires: Fri, 01 Oct 2021 06:38:48 GMT

GET
H3 200 hero2.2.png
metaxmask.io/web/start/images/ 576 KB
576 KB 33ms
33ms Image
image/png 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://metaxmask.io/web/start/images/hero2.2.png
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Request headers

:path: /web/start/images/hero2.2.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3146
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 589568
last-modified: Thu, 30 Sep 2021 11:51:17 GMT
server: cloudflare
etag: "6155a4b5-8ff00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=taWsPqkNkWN2hEPJLWn9a%2FFcmvZ0WQoTIA9suAXQWXskYZvbdlBdtSKYwPIzYPQWpu0kSZfDwzoLCh6iIfURgZu82whcUhTEYN40sbTC627ZVFwU1S6%2Fo6%2BBIbCnvkw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6973b0b038c95bf9-FRA

GET
H3 200 EuclidCircularB-Regular-WebXL.woff2
metaxmask.io/web/start/fonts/ 44 KB
45 KB 144ms
144ms Font
application/octet-stream 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/fonts/EuclidCircularB-Regular-WebXL.woff2
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Request headers

:path: /web/start/fonts/EuclidCircularB-Regular-WebXL.woff2
pragma: no-cache
origin: https://metaxmask.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
Origin: https://metaxmask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:11 GMT
server: cloudflare
age: 3146
etag: "b08c-5cd35102e2db0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MCIVJEf92m%2Fm7h4tE%2F8b14Vgvs3FjXN6pYYf63sr7EVlflFi7djaaG4hsXKAZejqqESzMGKOpxxrsE4zubual69ru1KQlIggQPiuDqg3fUW6nJvnd468oGjmxBX067k%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6973b0b038cc5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 45196

GET
H3 200 EuclidCircularB-Bold-WebXL.woff2
metaxmask.io/web/start/fonts/ 44 KB
44 KB 145ms
145ms Font
application/octet-stream 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/web/start/fonts/EuclidCircularB-Bold-WebXL.woff2
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Request headers

:path: /web/start/fonts/EuclidCircularB-Bold-WebXL.woff2
pragma: no-cache
origin: https://metaxmask.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://metaxmask.io/web/start/css/metamask-staging-2.webflow.css
Origin: https://metaxmask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
cf-cache-status: HIT
last-modified: Thu, 30 Sep 2021 11:51:11 GMT
server: cloudflare
age: 3146
etag: "ae00-5cd3510271931"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1iwhNWmsJAdxT4VlYCIk7zbHhhHjLknKq5AYOXtbQLUKmcl9cP9uKMyiCsiCaFVhla16EWxqeV5wKZWUdwfpRL91%2F92Yv87mw4EI421abx6kQXxjDqrGMVN3JKcZKA4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 6973b0b038cd5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 44544

GET
H/1.1 200
OK media.html Show response
cdn.embedly.com/widgets/ Frame 4865 394 KB
99 KB 53ms
15ms Document
text/html 104.16.90.50
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FYVgfHZMFFFQ%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DYVgfHZMFFFQ&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FYVgfHZMFFFQ%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.90.50 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4286c5f3881ad1f1a440ec2f5edc94e9021e0b10ecf17993d988e7c7166dec23

Request headers

Host: cdn.embedly.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://metaxmask.io/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/

Response headers

Date: Fri, 01 Oct 2021 06:38:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: LBHnQ8TA06pjhCZAPdVF0wlzTSr2RvZ5HCF7T4Nq8fB0aTDy40O9VOqrr5Z/HiYMrdCuaKxJkiM=
x-amz-request-id: DCNSJAXX7Y0PRA3Q
Last-Modified: Wed, 02 Jun 2021 21:18:28 GMT
Cache-Control: public, max-age=300
x-amz-version-id: w1xN9xNAF5jJWTgJLGIXbs0MDYiJ8DLb
CF-Cache-Status: HIT
Expires: Fri, 01 Oct 2021 06:43:48 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6973b0b0982f97a8-FRA
Content-Encoding: gzip

GET
H2 200 xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v13/ 8 KB
8 KB 30ms
7ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v13/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metaxmask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 11:04:05 GMT
x-content-type-options: nosniff
age: 329683
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7924
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:39:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 11:04:05 GMT

GET
H2 200 xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v13/ 8 KB
8 KB 30ms
8ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v13/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metaxmask.io
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 28 Sep 2021 01:34:43 GMT
x-content-type-options: nosniff
age: 277445
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8364
x-xss-protection: 0
last-modified: Tue, 01 Sep 2020 04:36:56 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 28 Sep 2022 01:34:43 GMT

GET
H3 200 pica.js
metaxmask.io/cdn-cgi/challenge-platform/h/g/scripts/ 21 KB
8 KB 35ms
35ms Other
text/javascript 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/web/start/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 33e5fd5b0202e790360763a051949c578179c0ec000ef949cff9f2198511d3b7

Request headers

:path: /cdn-cgi/challenge-platform/h/g/scripts/pica.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://metaxmask.io/web/start/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGweRgVCPuC67D1JsIK5QZKI5Fqe9EtA%2F17mrjS6q4GkumQX9UM4BmBcf1PQKlsRlRaAgE3z9Op%2FSxFIOG56eTIqdfUR4Jv9GrNsFv02zdnhC2Sm%2FPZqQpF6TVXsd0o%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript
cache-control: max-age=604800, public
x-control-type-options: nosniff
cf-ray: 6973b0b15ae45bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 iframe_api Show response
www.youtube.com/ Frame 4865 980 B
2 KB 44ms
23ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/iframe_api

Requested by

Host: cdn.embedly.com
URL: https://cdn.embedly.com/widgets/media.html?src=https%3A%2F%2Fwww.youtube.com%2Fembed%2FYVgfHZMFFFQ%3Ffeature%3Doembed&display_name=YouTube&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DYVgfHZMFFFQ&image=https%3A%2F%2Fi.ytimg.com%2Fvi%2FYVgfHZMFFFQ%2Fhqdefault.jpg&key=96f1f04c5f4143bcb0f2e68c87d65feb&type=text%2Fhtml&schema=youtube

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.embedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
server: ESF
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
content-type: text/javascript; charset=utf-8
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control: private, max-age=0
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
expires: Fri, 01 Oct 2021 06:38:48 GMT

GET
H3 200 www-widgetapi.js Show response
www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/ Frame 4865 136 KB
44 KB 50ms
17ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/www-widgetapi.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/iframe_api

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.embedly.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 04:31:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7627
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45039
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 01 Oct 2022 04:31:41 GMT

GET
H3 200 YVgfHZMFFFQ Show response
www.youtube.com/embed/ Frame A35E 56 KB
23 KB 66ms
65ms Document
text/html 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/www-widgetapi.vflset/www-widgetapi.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

ESF /

Resource Hash

c5954361bc0be13e79c75bbe3d8efde5fdba339eace5ed05f74c10becc758904

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.youtube.com
:scheme: https
:path: /embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cdn.embedly.com/
accept-encoding: gzip, deflate, br
cookie: YSC=KOGcjs6dMo0; VISITOR_INFO1_LIVE=nsukrR7S5RY
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.embedly.com/

Response headers

content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 01 Oct 2021 06:38:48 GMT
strict-transport-security: max-age=31536000
permissions-policy: ch-ua-full-version=*, ch-ua-platform=*, ch-ua-platform-version=*, ch-ua-arch=*, ch-ua-model=*
cross-origin-opener-policy-report-only: same-origin; report-to="AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"
report-to: {"group":"AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AZM8irYOyGiHPUipdmT4ndw90h_PnG3TnL0unA"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
content-encoding: br
server: ESF
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 www-player-webp.css
www.youtube.com/s/player/9fd4fd09/ Frame A35E 330 KB
45 KB 16ms
16ms Stylesheet
text/css 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-player-webp.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

cf16056ffbbab55d04406d0ff06aa2c75946356a8cbccd2864871e8e482d212e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46472
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:30:57 GMT

GET
H3 200 www-embed-player.js Show response
www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/ Frame A35E 202 KB
66 KB 20ms
20ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

49ee00732bd14d9d15b9ddae44bb5ec3b7885ecd2748b7c61ffc22791bbb8d72

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67643
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:30:57 GMT

GET
H3 200 base.js Show response
www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/ Frame A35E 2 MB
508 KB 24ms
23ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

d9a2a876db423eff2a6ae24782d0493ffa9fc3cdfccaf68033d0a2fb451d5b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 520425
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:30:57 GMT

GET
H3 200 fetch-polyfill.js Show response
www.youtube.com/s/player/9fd4fd09/fetch-polyfill.vflset/ Frame A35E 8 KB
3 KB 23ms
23ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2830
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:30:57 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame A35E 15 KB
15 KB 35ms
13ms Font
font/woff2 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 27 Sep 2021 19:58:13 GMT
x-content-type-options: nosniff
age: 297635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 27 Sep 2022 19:58:13 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame A35E
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

113 B
161 B

43ms
28ms

XHR
application/json

142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e60ca4a834bd52824f5e791ac0313e1ca1d11bd5abe7be0a921c846ce34de2b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 01 Oct 2021 06:38:48 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame A35E 29 B
424 B 29ms
6ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:30:05 GMT
x-content-type-options: nosniff
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
age: 523
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
expires: Fri, 01 Oct 2021 06:45:05 GMT

GET
H3 200 remote.js Show response
www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/ Frame A35E 95 KB
29 KB 17ms
17ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

c08411e6407550799a0e967563c6f7d3f3ef0acb628dd0087b1d7b56922d105d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29990
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:30:57 GMT

GET
H2 200 ySIUQvk5GAKWp7RJKF5OyVe9ZkTQkmns_YoJWAMMFa4.js Show response
www.google.com/js/th/ Frame A35E 35 KB
14 KB 31ms
7ms Script
text/javascript 142.250.185.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/ySIUQvk5GAKWp7RJKF5OyVe9ZkTQkmns_YoJWAMMFa4.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.132 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f4.1e100.net

Software

sffe /

Resource Hash

c9221442f939180296a7b449285e4ec957bd6644d09269ecfd8a0958030c15ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 29 Sep 2021 04:37:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 180052
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13291
x-xss-protection: 0
last-modified: Mon, 20 Sep 2021 23:00:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Thu, 29 Sep 2022 04:37:57 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/ Frame A35E 25 KB
7 KB 18ms
18ms Script
text/javascript 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

sffe /

Resource Hash

bb3027f45e4ebb343a1e0e5d16015070aefb2e9dd3c7fb4165c65c49d90d02e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 05:30:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7363
x-xss-protection: 0
last-modified: Thu, 30 Sep 2021 03:09:04 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 30 Sep 2022 05:30:57 GMT

GET
DATA 200
OK truncated
/ Frame A35E 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT0XYGtJT64YHrFJfiI8JgZQ9eFtbJBFBF7Hmxh=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame A35E 3 KB
3 KB 30ms
7ms Image
image/jpeg 142.250.186.129
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT0XYGtJT64YHrFJfiI8JgZQ9eFtbJBFBF7Hmxh=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f1.1e100.net

Software

fife /

Resource Hash

73360daef1e2781c6fe96e9150f10f2e4bbfe239940e15aa93cad4a901e10ce7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 05:32:24 GMT
x-content-type-options: nosniff
age: 3985
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2716
x-xss-protection: 0
server: fife
etag: "v1c"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Wed, 22 Sep 2021 12:30:19 GMT

GET
H2 200 maxresdefault.jpg
i.ytimg.com/vi/YVgfHZMFFFQ/ Frame A35E 81 KB
82 KB 31ms
8ms Image
image/jpeg 216.58.212.182
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi/YVgfHZMFFFQ/maxresdefault.jpg

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.182 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f22.1e100.net

Software

sffe /

Resource Hash

d7fd5afdd732dcfc52b067c4948158f4a6db333bdc18035bd79b03544c1e9c04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 05:50:52 GMT
x-content-type-options: nosniff
age: 2877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83294
x-xss-protection: 0
server: sffe
etag: "1582837014"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Fri, 01 Oct 2021 07:50:52 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame A35E 4 KB
3 KB 82ms
41ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview"
expires: Fri, 01 Oct 2021 06:38:49 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame A35E 0
9 B 17ms
16ms Image
text/plain 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?YDuHpg
Requested by: Host: www.youtube.com
URL: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.78 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s48-in-f14.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 01 Oct 2021 06:38:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/93/ Frame A35E 52 KB
15 KB 41ms
17ms Script
text/javascript 216.58.212.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/93/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.131 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f3.1e100.net

Software

sffe /

Resource Hash

66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 30 Sep 2021 13:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 62055
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15346
x-xss-protection: 0
last-modified: Thu, 23 Sep 2021 17:05:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="cloudview-release"
expires: Fri, 01 Oct 2021 13:24:34 GMT

POST
H3 200 result Show response
metaxmask.io/cdn-cgi/challenge-platform/h/g/cv/ 2 B
758 B 86ms
85ms XHR
text/plain 104.21.19.171
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metaxmask.io/cdn-cgi/challenge-platform/h/g/cv/result?req_id=6973b0aefb9b3244
Requested by: Host: metaxmask.io
URL: https://metaxmask.io/cdn-cgi/challenge-platform/h/g/scripts/invisible.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.171 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-fetch-mode: cors
origin: https://metaxmask.io
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
sec-fetch-dest: empty
content-length: 14341
:path: /cdn-cgi/challenge-platform/h/g/cv/result?req_id=6973b0aefb9b3244
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type: application/json
accept: */*
cache-control: no-cache
:authority: metaxmask.io
referer: https://metaxmask.io/web/start/index.php
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://metaxmask.io/web/start/index.php
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 01 Oct 2021 06:38:49 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2%2F3ZdaJL%2FmYNaA1sR33FhkomgopZY90S8CYAS0YdXCKxtJxXdppttfrIQEpJ9TYUZxK2gMCr6vnDKQbFH1p12FlBlw%2BV3iKIgMw56NJtZ%2F%2FeOY9nJM%2B77McmIUXK%2FGc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
set-cookie: __cf_bm=yjd9Rt1ojbyLpuCB.NYH8yqpxmmMVS86U4qVRqpUTic-1633070329-0-AQ83YIbwJJkrWwq7pOIDaoKohjMC20GLID1oo25/MqO1f+tEGfF95obQz+9RLBAXO/MOnppq+700V9+7cTFdBERM/IXc7QJBpIY2eJpAmydP9A/19jSN2eTi3PkCdkeAYA==; path=/; expires=Fri, 01-Oct-21 07:08:49 GMT; domain=.metaxmask.io; HttpOnly; Secure; SameSite=None
cf-ray: 6973b0b7c8375bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame A35E 28 B
50 B 32ms
32ms XHR
application/json 142.250.185.78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/9fd4fd09/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.78 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f14.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/YVgfHZMFFFQ?wmode=opaque&widget_referrer=https%3A%2F%2Fmetaxmask.io%2F&enablejsapi=1&origin=https%3A%2F%2Fcdn.embedly.com&widgetid=1
X-YouTube-Client-Version: 1.20210928.1.1
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: Cgtuc3VrclI3UzVSWSj42dqKBg%3D%3D
X-YouTube-Ad-Signals: dt=1633070328829&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_java&u_nplug=3&u_nmime=4&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C940%2C528&vis=1&wgl=true&ca_type=image&bid=ANyPxKoDmnA_RK5_BQTaGq2s-lCQ2W8y_rzqwm4O_wiQ5d753iCPHRr0U-uHOKvteHixRCLalHCMwqBPkgUzK8SCqKZK2sTTzQ

Response headers

date: Fri, 01 Oct 2021 06:38:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: KOGcjs6dMo0
.youtube.com/	1970-01-20 01:57:02	Name: VISITOR_INFO1_LIVE Value: nsukrR7S5RY
.doubleclick.net/	1970-01-20 15:09:02	Name: IDE Value: AHWqTUm3QBjTAjr_N2VMJ3s4TLcCp96NIuW4yJuhxPPfaX9cBOwrsuqy6c-N5Gep
.metaxmask.io/	1970-01-19 21:37:52	Name: __cf_bm Value: yjd9Rt1ojbyLpuCB.NYH8yqpxmmMVS86U4qVRqpUTic-1633070329-0-AQ83YIbwJJkrWwq7pOIDaoKohjMC20GLID1oo25/MqO1f+tEGfF95obQz+9RLBAXO/MOnppq+700V9+7cTFdBERM/IXc7QJBpIY2eJpAmydP9A/19jSN2eTi3PkCdkeAYA==

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://metaxmask.io/web/start/index.php(Line 113) Message: Allow attribute will take precedence over 'allowfullscreen'.
deprecation	warning	URL: https://metaxmask.io/cdn-cgi/challenge-platform/h/g/scripts/invisible.js Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.embedly.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
metamask.io
metaxmask.io
static.doubleclick.net
www.google.com
www.gstatic.com
www.youtube.com
yt3.ggpht.com
104.16.90.50
104.21.19.171
142.250.185.132
142.250.185.202
142.250.185.78
142.250.186.102
142.250.186.129
142.250.186.34
142.250.186.35
142.250.186.74
185.199.108.153
216.58.212.131
216.58.212.182
1c8eeaba26b242b094ad1fbc6ca9d169e784047c14d14fc043c0bc646f5ef009
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
2132ad0d18519aec7045b776812b85146fd30773e4e79de6ddfb32c67ac2cdc0
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
29cbbc904491419df6072fa909da83136461831a5f8f91a2d8344c53cabd0c8c
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c
33e5fd5b0202e790360763a051949c578179c0ec000ef949cff9f2198511d3b7
3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
4286c5f3881ad1f1a440ec2f5edc94e9021e0b10ecf17993d988e7c7166dec23
49ee00732bd14d9d15b9ddae44bb5ec3b7885ecd2748b7c61ffc22791bbb8d72
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6137618d3823a779dd702a546f64a767860341256ed661e1204b2dbdfc680ef4
6470a6800e4cd4cae28c7565468aa6f7d881d4f8b33cf5b18e4e1af8e4f6a2f8
66b3a50b1f61027459efda3192f4265a316f43a8d770a7135c956bea688fe4d8
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
73360daef1e2781c6fe96e9150f10f2e4bbfe239940e15aa93cad4a901e10ce7
7deeee24b8c80bcca6c1c3ba09aaf3811aa99f88028732f2fce9e31e83a435f6
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
9b131e172ecf5db5b4876182d40640ecfa0633c92a4891cfe95f4b5b62bf13c3
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3
a9f277261030fc350875f351bc5ea5cbde683d28eff1ec5800b1a0162b0fe464
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
bb3027f45e4ebb343a1e0e5d16015070aefb2e9dd3c7fb4165c65c49d90d02e7
c08411e6407550799a0e967563c6f7d3f3ef0acb628dd0087b1d7b56922d105d
c5954361bc0be13e79c75bbe3d8efde5fdba339eace5ed05f74c10becc758904
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
c9221442f939180296a7b449285e4ec957bd6644d09269ecfd8a0958030c15ae
cb22777e2c174528592bc140ef59ad6209a65564bbbe8972a0cc8202ccca64e9
cf16056ffbbab55d04406d0ff06aa2c75946356a8cbccd2864871e8e482d212e
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7fd5afdd732dcfc52b067c4948158f4a6db333bdc18035bd79b03544c1e9c04
d9a2a876db423eff2a6ae24782d0493ffa9fc3cdfccaf68033d0a2fb451d5b46
de6c4ffa2bd9fd283610e28d0db2ec48607aab39d213a51aef248673a0a7e980
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e60ca4a834bd52824f5e791ac0313e1ca1d11bd5abe7be0a921c846ce34de2b5
ead4f9f5e42c4ad7ffd754811836a324116e4960c847d298a319f9aa01734dc5
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

metaxmask.io Open in urlscan Pro 104.21.19.171 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

51 Requests

100 %HTTPS

0 %IPv6

10 Domains

13 Subdomains

14 IPs

2 Countries

2384 kBTransfer

5940 kBSize

4 Cookies

0 Outgoing links

Redirected requests

51 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

metaxmask.io Open in urlscan Pro
104.21.19.171 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

51
Requests

100 %
HTTPS

0 %
IPv6

10
Domains

13
Subdomains

14
IPs

2
Countries

2384 kB
Transfer

5940 kB
Size

4
Cookies

51 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!