www.metamaskimg.buzz Open in urlscan Pro
2606:4700:3033::6815:31b7 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.metamaskimg.buzz/
Effective URL:
https://www.metamaskimg.buzz/
Submission: On May 28 via manual (May 28th 2022, 10:34:27 am UTC) from RS — Scanned from DE

Summary HTTP 20 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 20 HTTP transactions. The main IP is 2606:4700:3033::6815:31b7, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.metamaskimg.buzz.
TLS certificate: Issued by E1 on May 25th 2022. Valid for: 3 months.

This is the only time www.metamaskimg.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 19	2606:4700:303... 2606:4700:3033::6815:31b7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	103.235.46.191 103.235.46.191	55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.)
20	3

19 2606:4700:3033::6815:31b7 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.metamaskimg.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.235.46.191 (Hong Kong)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)

hm.baidu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	metamaskimg.buzz 1 redirects www.metamaskimg.buzz	800 KB
2	baidu.com hm.baidu.com — Cisco Umbrella Rank: 8357	12 KB
20	2

	Domain	Requested by
19	www.metamaskimg.buzz	1 redirects www.metamaskimg.buzz
2	hm.baidu.com	www.metamaskimg.buzz
20	2

This site contains links to these domains. Also see Links.

Domain
dowms-site.xyz
chrome.google.com
addons.mozilla.org
microsoftedge.microsoft.com

Subject Issuer	Validity	Valid
*.metamaskimg.buzz E1	`2022-05-25` - `2022-08-23`	3 months	crt.sh
baidu.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-02-21` - `2022-08-02`	5 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.metamaskimg.buzz/
Frame ID: 6E0E7471A18F45D0A231B9F62B4CB73C
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Metamask App,Metamask Android,Metamask Chrome,Metamask For Chrome,Metamask Download,Metamask Wallet

Page URL History Show full URLs

http://www.metamaskimg.buzz/ HTTP 301
https://www.metamaskimg.buzz/ Page URL

Detected technologies

Baidu Analytics (百度统计) (Analytics) Expand

Overall confidence: 100%
Detected patterns

hm\.baidu\.com/hm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

813 kB
Transfer

1524 kB
Size

3
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://dowms-site.xyz/?ms-ios-1
Title: Download

Search URL Search Domain Scan URL

URL: https://dowms-site.xyz/?ms-chrome-1
Title: Install MetaMask for Chrome

Search URL Search Domain Scan URL

URL: https://dowms-site.xyz/?ms-apk-1
Title: Install MetaMask for Android

Search URL Search Domain Scan URL

URL: https://chrome.google.com/webstore/detail/metamask/nkbihfbeogaeaoehlefnkodbefgpgknn?hl=en
Title: Chrome

Search URL Search Domain Scan URL

URL: https://addons.mozilla.org/en-US/firefox/addon/ether-metamask/
Title: Firefox

Search URL Search Domain Scan URL

URL: https://microsoftedge.microsoft.com/addons/detail/metamask/ejbalbakoplchlghecdalmeeeajnimhm?hl=en-US
Title: Edge

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.metamaskimg.buzz/ HTTP 301
https://www.metamaskimg.buzz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.metamaskimg.buzz/
Redirect Chain

http://www.metamaskimg.buzz/
https://www.metamaskimg.buzz/

17 KB
4 KB

353ms
300ms

Document
text/html

2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3125154a4584a1f646971e9a33c60f6a464707466cc85bd5f7da9eaeeb6571fe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71265663da4d374c-MXP
content-encoding: br
content-type: text/html
date: Sat, 28 May 2022 10:34:22 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Sat, 02 Oct 2021 07:48:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1ldkDxS27DDPB89AkvYh%2BCECEczqIfrRVdrdynWzVF%2FOXAd1mtO7cyPL0ev%2Bf7EnCi0lldBEeEVgols63KaYSK1r2UHZe%2Fl0Ln6wANtnKHq9rt3A6rha8b4rJ859xt7o5b9Vpjxl%2BDUOWu755%2B1J7UmrhQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

CF-RAY: 712656635955374c-MXP
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 28 May 2022 10:34:22 GMT
Expires: Sat, 28 May 2022 11:34:22 GMT
Location: https://www.metamaskimg.buzz/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ILvuf9Ls9rZvANrapBUMgpgXK%2FA0S5%2F%2BLpXnoUIf1TKDLSJSN1wIAEqQMDiPR%2FJY6RFcZJ1ollmMKmlM%2BSN28OI50QeYGBB3cXinpLTNieXtvRvTGxEIGmXC0lKI7rTUbwSzcb4%2FZTQ5uKqirXMP9zMnww%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 normalize.css
www.metamaskimg.buzz/index_files/ 8 KB
3 KB 32ms
29ms Stylesheet
text/css 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/normalize.css
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Sep 2021 04:39:52 GMT
server: cloudflare
etag: W/"6132f898-1e5c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M%2B7XolEdn2oZ70HmnRFxKC2wdosO1dXCc1XIfjDzFUUlf688jQR%2B4CmYcjWu0kzhmdbwkDlarfbnBqilvPcM0o%2FuhgoBwCXnFBeHkGAy66kzhm9nmRQXTP924PcoVR5co0JCoFMeY%2FTKvoeHKDoW1b%2F4mw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 71265665de7c374c-MXP
expires: Sat, 28 May 2022 14:40:49 GMT

GET
H2 200 webflow.css
www.metamaskimg.buzz/index_files/ 38 KB
10 KB 33ms
31ms Stylesheet
text/css 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/webflow.css
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Sep 2021 04:39:53 GMT
server: cloudflare
etag: W/"6132f899-98c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LjspNnoxVHkcfzO7uVClK49TWuw9IBJ2AWkUCkB8zbQa1jR%2FyJqGH%2Fv72vklZz6bt4QZIN8hGnBa1w39DX%2FnrYD8YnbHGnILP9htlHOgaDLtRpiEn4vEuxUVWRkQFaKEIdvf76wXybey%2FoZ2HhKw%2ByTjUA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 71265665de81374c-MXP
expires: Sat, 28 May 2022 14:40:49 GMT

GET
H2 200 metamask-staging-2.webflow.css
www.metamaskimg.buzz/index_files/ 132 KB
18 KB 42ms
41ms Stylesheet
text/css 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/metamask-staging-2.webflow.css
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19872aaf2614d85f9cd1b5f7a11592e54073c606e97f5f31de03bc254da4fb12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Sep 2021 06:00:44 GMT
server: cloudflare
etag: W/"61330b8c-2111c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a9%2F0PuW0vLKxmq3XhBXlSiJsEA71kpLQJcbQClH43CLzqrc%2BXeB5aJzX6FX91Rsmxpz9KUa1ggmQG8LHGUfq2fVdYOICRJRGCVpf7sEfYFVMtrLx4KJcIjR8H8Kgaq8GfJT6K2OWHXD1xn%2B%2Fr2e9wPjMWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 71265665de84374c-MXP
expires: Sat, 28 May 2022 14:40:49 GMT

GET
H2 200 js Show response
www.metamaskimg.buzz/index_files/ 101 KB
102 KB 200ms
199ms Script
application/octet-stream 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/js
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 56d7ec9bf2e02d007178c323a7fe5f8a8cdbbada443b00e41cbee9c39bf23cea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: DYNAMIC
last-modified: Sat, 04 Sep 2021 04:39:51 GMT
server: cloudflare
etag: "6132f897-19497"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT68OOfJ%2Fzwh7xbIRqo8ZvQC1sNpX39ShurwWPZKWf6tvlUYxKbKnbR2hYB80%2B7ehCR6UrTFJoGStZUJVwLEkYMgLcwiSuvcd4FvyaZXq5zvKf6DKftPUN2e7FiHAglrNg%2FaP3RphShyrxeuhTzcA%2BbUFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 712656661f32374c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 103575

GET
H2 200 mm-logo.svg
www.metamaskimg.buzz/index_files/ 12 KB
4 KB 51ms
49ms Image
image/svg+xml 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/mm-logo.svg
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 04 Sep 2021 04:39:52 GMT
server: cloudflare
age: 1087
etag: W/"6132f898-2ef3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x4DLfVhwGm%2FBt43f4sYyVyjb1R2h7hYTU7MJo8B9cVyU%2BAhfQanVzuxZfCfKPLsFb4WpLAKeZdu2Xk%2FixtnT22MhUYahAhz9Qk4oxa9G9kpWI0hWZkp3BiLYBs15LqNY56enKfCWoC2MiaRWRqMyMB0Vow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 712656661f34374c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 download-extension.png
www.metamaskimg.buzz/index_files/ 103 KB
104 KB 51ms
49ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/download-extension.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84ea6bece58d7fd72eb4446d06d52e4b8e03eee444cb01c6b1c240eb6c412d02

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 105929
last-modified: Sat, 04 Sep 2021 04:39:49 GMT
server: cloudflare
etag: "6132f895-19dc9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bFH3RZkhSsd0xFwyGL63FkUtOk83lTs4daBhdiZIroQGQPQrDSJgSpPevRP9MD8gUVSvHqFwIiesesaAdi6H6VJmPYbahtUOq1DG4UY%2BvYYnoJCeBU2b8SW%2Bj0GgzI3qZmCdIyJ41wiDEcuHYAuyUHBNzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656661f36374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 download-ios.png
www.metamaskimg.buzz/index_files/ 90 KB
91 KB 33ms
32ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/download-ios.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 201e8c7479fe65886bf5d1e2cebec0b5c0c1c18a90706fa5e7d02e89e83ab3a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92086
last-modified: Sat, 04 Sep 2021 04:39:49 GMT
server: cloudflare
etag: "6132f895-167b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cnzrQQ9xThHDWs5F%2BFndzT37qyPcl2rta%2FYyP%2FhWG3D6kdz5XEDr0IzkwSk5ILHwsbFydHuy8zVQtrrxYGfbC%2BjefBVuLFMGx%2BNe0nDGoBu%2FcRKwSM%2FGnn6L7epojb5kJDpV%2FRvF7pUCsiCmsrIPk1uVVw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656661f39374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 download-android.png
www.metamaskimg.buzz/index_files/ 107 KB
107 KB 51ms
49ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/download-android.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c70ad102753b3e9daff0093796d2265a4fde7be37c374e61728950c38757e016

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 109632
last-modified: Sat, 04 Sep 2021 04:39:48 GMT
server: cloudflare
etag: "6132f894-1ac40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7LoW3ECADHcTGEBi7VAYwOUYHO7ef8AQVIJ5EDPSD%2F8rOnQUEuwwIufpCLaDQYwtO8NJwbdbx4eneFLApdlajjMOkXA%2BYGyhlGyuiKplR%2FpKxbi1E0Efz9%2BsmznmUUdSNkwYCQgM2TgsbxA9795rKi%2FENA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656661f40374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 chrome_1chrome.png
www.metamaskimg.buzz/index_files/ 4 KB
4 KB 33ms
32ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/chrome_1chrome.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3890
last-modified: Sat, 04 Sep 2021 04:39:48 GMT
server: cloudflare
etag: "6132f894-f32"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fdP2FkOpYRNvOhFGSB4Cgax4wYXgBkLOel3PqJjuR4KF4NnriYgYT4wkQvm8TeM2dE9XM6QpWlSheFdaqCDCmwQK6wFh%2BYEx%2FiPk3A%2FC%2BP%2BOSjMzlEVAxb%2BpGbXp0FHmaxovb9e4Re2Dr%2BXuCF6S56AZUg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656661f43374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 Firefox_1Firefox.png
www.metamaskimg.buzz/index_files/ 10 KB
11 KB 51ms
50ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/Firefox_1Firefox.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10509
last-modified: Sat, 04 Sep 2021 04:39:50 GMT
server: cloudflare
etag: "6132f896-290d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BCrDQN9ult4%2BO0hgGKyfBUpYu%2F4pL6g9BbLX5Z2gAMhJsTvX8tbZV4ENXaYLVWsIkPLFjtJLmkcpPOeYT6HMShHilHHNkkR9WW2MJqqwHLamzRzHr5MoXuaEZKzZ0XP5WvY7wLNqr5bSgagNr2ATGbGvQA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656661f47374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 Brave.png
www.metamaskimg.buzz/index_files/ 19 KB
19 KB 52ms
51ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/Brave.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 19073
last-modified: Sat, 04 Sep 2021 04:39:48 GMT
server: cloudflare
etag: "6132f894-4a81"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8NU9YYQ7R%2F4w5HE6mNp2mB0mXCdhKj%2BO8QulWUSNj0Yfcb4%2Buzu8uRVpjxN0KNvIudNJeMU%2FKLSQhJ6LQGpwrGLnvSqFcR031Sesa4rf2YujhxdLDQXDZeMWgHOnOa5B4g6B9FaRdeNcj6WtB7AbNmjTDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656662f6c374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 Edge.png
www.metamaskimg.buzz/index_files/ 34 KB
34 KB 51ms
50ms Image
image/png 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.metamaskimg.buzz/index_files/Edge.png
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34658
last-modified: Sat, 04 Sep 2021 04:39:50 GMT
server: cloudflare
etag: "6132f896-8762"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FdRabAbquTfcvRgPKvWQWV4m3zni4uBhv%2FTJnRy4eqzmALvJl22q%2FcG8jsEf8NctS%2FQ49CUJ0RxRRLpRRZEKf%2BuJT44UwXby%2F3i39qYg%2FxW9a1nJf7DDep9FSax00xBJTOPGX%2B2snRiq6ysI3%2BI4gq8RGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 712656662f6d374c-MXP
expires: Mon, 27 Jun 2022 02:40:50 GMT

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
www.metamaskimg.buzz/index_files/ 87 KB
32 KB 430ms
430ms Script
application/javascript 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/jquery-3.5.1.min.dc5e7f18c8.js
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.metamaskimg.buzz/
Origin: https://www.metamaskimg.buzz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 04 Sep 2021 04:39:51 GMT
server: cloudflare
etag: W/"6132f897-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnO3ZnBKTMb2aywVYK5NNj231zHg3LeZP%2BjAk%2BRO7XLIvmEMccLsNDSg3EabjQSaeUXgfhQhToBU5zZhAxTo9rBXRnH4P6bwk1YSPxDO%2FdTFTlM1d6nt%2FjXzbcYg66iTmYXkkv7vNkuvwsWHieuo5O2s5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 712656660f14374c-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 28 May 2022 22:34:23 GMT

GET
H2 200 jquery.min.js Show response
www.metamaskimg.buzz/index_files/ 90 KB
34 KB 33ms
33ms Script
application/javascript 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/jquery.min.js
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28414
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Sep 2021 04:39:51 GMT
server: cloudflare
etag: W/"6132f897-1698b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoQzIP6fgz7bFVX7ZK8Y9hmLUPXF6GDL%2Ft4W0Z7FPoM9ORBq0BDLXQvDsqjrkAFjQGl1drfydTsuhcWYCwAmad2oiZijBg%2F3WLJpSG2c%2Frpu1h3o2k9CtMkm72QxyzZ3iLs%2FnuWasWZ2VoNi5YZzkkqj5A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 712656661f1e374c-MXP
expires: Sat, 28 May 2022 14:40:49 GMT

GET
H2 200 webflow.js Show response
www.metamaskimg.buzz/index_files/ 553 KB
135 KB 52ms
50ms Script
application/javascript 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/index_files/webflow.js
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94b3185eff8d48c0db402f227d910832d0ea342b6018db0cbea95577509fd161

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28413
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 04 Sep 2021 04:39:54 GMT
server: cloudflare
etag: W/"6132f89a-8a283"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kkrSJFj%2BtZlbXEgb2RkvdHOjeVyv4OzrEU2OmR6dfaIJC14oQTQGA%2BIKDLEMCC4gK0V7yZqogFBIMYvaKeJSaY36yftLZVdue4RytjVg%2BOR6sNnEym4j9mNGz4rX%2Bm%2Fv5uNyn5zk9Fa3%2FRNwkjpW5X7eDw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 712656661f2d374c-MXP
expires: Sat, 28 May 2022 14:40:49 GMT

GET
H/1.1 200
OK hm.js Show response
hm.baidu.com/ 29 KB
11 KB 1857ms
437ms Script
application/javascript 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to

Full URL

https://hm.baidu.com/hm.js?856ae97a494043d69dfd28a50460f3a1

Requested by

Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

5ec720e2d3d0417d0f7e4e2f88d63e1572ee7699ff88f0e0a725a89567859c9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Sat, 28 May 2022 10:34:24 GMT
Content-Encoding: gzip
Server: apache
Etag: a19c5cf7332c5085e47122db26d67855
Strict-Transport-Security: max-age=172800
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cache-Control: max-age=0, must-revalidate
Content-Type: application/javascript
Content-Length: 11141

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://www.metamaskimg.buzz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H3 200 EuclidCircularB-Regular-WebXL.woff2
www.metamaskimg.buzz/fonts/ 44 KB
45 KB 557ms
557ms Font
font/woff2 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/fonts/EuclidCircularB-Regular-WebXL.woff2
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/index_files/metamask-staging-2.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Request headers

Referer: https://www.metamaskimg.buzz/index_files/metamask-staging-2.webflow.css
Origin: https://www.metamaskimg.buzz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: MISS
last-modified: Sat, 04 Sep 2021 04:39:47 GMT
server: cloudflare
etag: "6132f893-b08c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9obhNjkAX0cX1qgelNceFfHtnyvE1QiFWXZgQ2U3L8GFeaud2kEhyNAOz8mSGVFqWiTvYv8YmwReVxPj57TyIRphnW1QCBXIHcug47Ese11B151ag2Bb12qCLR8mO6SYIlZNDDa2DUS3BRKcZEwVY3%2Fp4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 712656661a123760-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45196

GET
H3 200 EuclidCircularB-Bold-WebXL.woff2
www.metamaskimg.buzz/fonts/ 44 KB
44 KB 594ms
594ms Font
font/woff2 2606:4700:3033::6815:31b7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.metamaskimg.buzz/fonts/EuclidCircularB-Bold-WebXL.woff2
Requested by: Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/index_files/metamask-staging-2.webflow.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:31b7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Request headers

Referer: https://www.metamaskimg.buzz/index_files/metamask-staging-2.webflow.css
Origin: https://www.metamaskimg.buzz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 28 May 2022 10:34:23 GMT
cf-cache-status: MISS
last-modified: Sat, 04 Sep 2021 04:39:46 GMT
server: cloudflare
etag: "6132f892-ae00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gyYd5UWn4ei%2FjboR8CBuWbfuRwhkc9QK7COxJt6wXUyeyr67%2FFBog2oTzwr1cyiqGgl9hveluuO1hUatLJk83AV5YL3rF8GtC3EZ%2BozEPhn5yEiXTt97BUXUmUEUGwQiMK8OhDBXkgDhzAvuzfKX%2BzgT3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 712656662a1b3760-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44544

GET
H/1.1 200
OK hm.gif
hm.baidu.com/ 43 B
299 B 454ms
453ms Image
image/gif 103.235.46.191
BAIDU Beijing Bai...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1600x1200&vl=1200&et=0&ja=0&ln=en-us&lo=0&rnd=2003189325&si=856ae97a494043d69dfd28a50460f3a1&v=1.2.93&lv=1&sn=23876&r=0&ww=1600&ct=!!&u=https%3A%2F%2Fwww.metamaskimg.buzz%2F&tt=Metamask%20App%2CMetamask%20Android%2CMetamask%20Chrome%2CMetamask%20For%20Chrome%2CMetamask%20Download%2CMetamask%20Wallet

Requested by

Host: www.metamaskimg.buzz
URL: https://www.metamaskimg.buzz/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

103.235.46.191 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),

Reverse DNS

Software

apache /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=172800
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.metamaskimg.buzz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 28 May 2022 10:34:25 GMT
X-Content-Type-Options: nosniff
Server: apache
Strict-Transport-Security: max-age=172800
Content-Type: image/gif
Cache-Control: private, max-age=0, no-cache
Content-Length: 43

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hm.baidu.com/	1970-01-25 20:29:45	Name: HMACCOUNT_BFESS Value: CA9D48D86821D2A5
.www.metamaskimg.buzz/	1970-01-20 12:07:50	Name: Hm_lvt_856ae97a494043d69dfd28a50460f3a1 Value: 1653734066
.www.metamaskimg.buzz/	1969-12-31 23:59:59	Name: Hm_lpvt_856ae97a494043d69dfd28a50460f3a1 Value: 1653734066

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

hm.baidu.com
www.metamaskimg.buzz
103.235.46.191
2606:4700:3033::6815:31b7
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
19872aaf2614d85f9cd1b5f7a11592e54073c606e97f5f31de03bc254da4fb12
201e8c7479fe65886bf5d1e2cebec0b5c0c1c18a90706fa5e7d02e89e83ab3a6
3125154a4584a1f646971e9a33c60f6a464707466cc85bd5f7da9eaeeb6571fe
52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5
56d7ec9bf2e02d007178c323a7fe5f8a8cdbbada443b00e41cbee9c39bf23cea
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
5ec720e2d3d0417d0f7e4e2f88d63e1572ee7699ff88f0e0a725a89567859c9c
6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b
84ea6bece58d7fd72eb4446d06d52e4b8e03eee444cb01c6b1c240eb6c412d02
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec
94b3185eff8d48c0db402f227d910832d0ea342b6018db0cbea95577509fd161
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
c70ad102753b3e9daff0093796d2265a4fde7be37c374e61728950c38757e016
cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.metamaskimg.buzz Open in urlscan Pro 2606:4700:3033::6815:31b7 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

100 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

2 Countries

813 kBTransfer

1524 kBSize

3 Cookies

6 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

3 Cookies

Indicators

www.metamaskimg.buzz Open in urlscan Pro
2606:4700:3033::6815:31b7 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

2
Countries

813 kB
Transfer

1524 kB
Size

3
Cookies

20 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!