metamask.io-compliance.org Open in urlscan Pro
129.213.159.3 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://dokwo.com/redirect/job?url=aHR0cHM6Ly93d3cubXlzdGFydC5jb20vYXBpL3NoYXJlL3NoYXJlLnBocD9wdHNzZGpsc2ZmX2NpZD0...
Effective URL:
https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5M...
Submission: On August 27 via manual (August 27th 2022, 8:48:05 am UTC) from GR — Scanned from NL

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 129.213.159.3, located in Ashburn, United States and belongs to ORACLE-BMC-31898, US. The main domain is metamask.io-compliance.org.
TLS certificate: Issued by R3 on August 24th 2022. Valid for: 3 months.

This is the only time metamask.io-compliance.org was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	216.201.82.88 216.201.82.88	46562 (PERFORMIVE) (PERFORMIVE)
8	129.213.159.3 129.213.159.3	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
9	2600:9000:214... 2600:9000:214f:9600:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2606:50c0:800... 2606:50c0:8001::153	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
24	7

1 2a06:98c1:3121::3 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

dokwo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.201.82.88 (United States) 1 redirects

ASN46562 (PERFORMIVE, US)
PTR: visicom-95.nationalnet.com

www.mystart.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 129.213.159.3 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

metamask.io-compliance.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:214f:9600:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:50c0:8001::153 (United States)

ASN54113 (FASTLY, US)

metamask.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 3950	70 KB
8	io-compliance.org metamask.io-compliance.org	66 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 286 fonts.googleapis.com — Cisco Umbrella Rank: 54	94 KB
2	gstatic.com fonts.gstatic.com	17 KB
2	metamask.io metamask.io — Cisco Umbrella Rank: 259517	88 KB
1	mystart.com 1 redirects www.mystart.com — Cisco Umbrella Rank: 427367	627 B
1	dokwo.com 1 redirects dokwo.com	987 B
24	7

	Domain	Requested by
9	images.ctfassets.net	metamask.io-compliance.org
8	metamask.io-compliance.org	metamask.io-compliance.org
2	fonts.gstatic.com	fonts.googleapis.com
2	metamask.io	metamask.io-compliance.org
2	ajax.googleapis.com	metamask.io-compliance.org
1	fonts.googleapis.com	ajax.googleapis.com
1	www.mystart.com	1 redirects
1	dokwo.com	1 redirects
24	8

This site contains no links.

Subject Issuer	Validity	Valid
metamask.io-compliance.org R3	`2022-08-24` - `2022-11-22`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
metamask.io R3	`2022-08-20` - `2022-11-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-08` - `2022-10-31`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Frame ID: 14168C5CBEC4E9A55D5669621FAE408A
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

FAQs

Page URL History Show full URLs

https://dokwo.com/redirect/job?url=aHR0cHM6Ly93d3cubXlzdGFydC5jb20vYXBpL3NoYXJlL3NoYXJlLnBocD9... HTTP 302
https://www.mystart.com/api/share/share.php?ptssdjlsff_cid=3887137145&media=https://news.google.com/... HTTP 302
https://metamask.io-compliance.org/?todaynews Page URL
https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzN... Page URL

Detected technologies

AdonisJS (Web frameworks) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

SweetAlert2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweetalert2(?:\.all)?(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

337 kB
Transfer

634 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://dokwo.com/redirect/job?url=aHR0cHM6Ly93d3cubXlzdGFydC5jb20vYXBpL3NoYXJlL3NoYXJlLnBocD9wdHNzZGpsc2ZmX2NpZD0zODg3MTM3MTQ1Jm1lZGlhPWh0dHBzOi8vbmV3cy5nb29nbGUuY29tL2FydGljbGVzLzYzZTVkZmM0MWZkMTNhNWYwOGVmOGYxMGRlMTE0Nzg5JnJlZGlyZWN0PWh0dHBzOi8vbWV0YW1hc2suaW8tY29tcGxpYW5jZS5vcmcvP3RvZGF5bmV3cw== HTTP 302
https://www.mystart.com/api/share/share.php?ptssdjlsff_cid=3887137145&media=https://news.google.com/articles/63e5dfc41fd13a5f08ef8f10de114789&redirect=https://metamask.io-compliance.org/?todaynews HTTP 302
https://metamask.io-compliance.org/?todaynews Page URL
https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://dokwo.com/redirect/job?url=aHR0cHM6Ly93d3cubXlzdGFydC5jb20vYXBpL3NoYXJlL3NoYXJlLnBocD9wdHNzZGpsc2ZmX2NpZD0zODg3MTM3MTQ1Jm1lZGlhPWh0dHBzOi8vbmV3cy5nb29nbGUuY29tL2FydGljbGVzLzYzZTVkZmM0MWZkMTNhNWYwOGVmOGYxMGRlMTE0Nzg5JnJlZGlyZWN0PWh0dHBzOi8vbWV0YW1hc2suaW8tY29tcGxpYW5jZS5vcmcvP3RvZGF5bmV3cw== HTTP 302
https://www.mystart.com/api/share/share.php?ptssdjlsff_cid=3887137145&media=https://news.google.com/articles/63e5dfc41fd13a5f08ef8f10de114789&redirect=https://metamask.io-compliance.org/?todaynews HTTP 302
https://metamask.io-compliance.org/?todaynews

24 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
metamask.io-compliance.org/
Redirect Chain

https://dokwo.com/redirect/job?url=aHR0cHM6Ly93d3cubXlzdGFydC5jb20vYXBpL3NoYXJlL3NoYXJlLnBocD9wdHNzZGpsc2ZmX2NpZD0zODg3MTM3MTQ1Jm1lZGlhPWh0dHBzOi8vbmV3cy5nb29nbGUuY29tL2FydGljbGVzLzYzZTVkZmM0MWZkMT...
https://www.mystart.com/api/share/share.php?ptssdjlsff_cid=3887137145&media=https://news.google.com/articles/63e5dfc41fd13a5f08ef8f10de114789&redirect=https://metamask.io-compliance.org/?todaynews
https://metamask.io-compliance.org/?todaynews

186 B
775 B

672ms
442ms

Document
text/html

129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask.io-compliance.org/?todaynews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx / PHP/7.4.30 PleskLin

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 165
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 08:47:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
origin: https://optimizationguide-pa.googleapis.com
pragma: no-cache
referrer-policy: no-referrer
server: nginx
vary: Accept-Encoding
via: 1.1 27x19jfqvjdj9y351b6f5bzsy80e0wu2.cloudfront.net (CloudFront)
x-amz-cf-id: AOgZWO9dx6rdqTllzQT0==
x-amz-cf-pop: SIN5-C1
x-amz-id-2: JsJ8NVBzRDHK7DWbD0FdMsLWjUiaQT3IG4817yIUEl7uQGitGWAqhkavXJ9q6ICNfRtGEIOCimI=
x-amz-request-id: B9DNVQZ5ZSECWBZN
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-powered-by: PHP/7.4.30 PleskLin
x-xss-protection: 1; mode=block

Redirect headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 0
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Connection: close
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html
Date: Sat, 27 Aug 2022 08:47:59 GMT
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Location: https://metamask.io-compliance.org/?todaynews
Pragma: no-cache
Referrer-Policy: no-referrer-when-downgrade
Server: nginx
Vary: Accept-Encoding
Via: 1.1 varnish
X-Cache: MISS
X-FRAME-OPTIONS: SAMEORIGIN, SAMEORIGIN
X-Forwarded-Proto: https
X-Powered-By: PHP/5.4.36-0+deb7u3
X-Varnish: 363333219

GET
H2 200 Primary Request auth Show response
metamask.io-compliance.org/docs/ 12 KB
4 KB 389ms
389ms Document
text/html 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL

https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=

Requested by

Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/?todaynews

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),

Reverse DNS

Software

nginx / PHP/7.4.30 PleskLin

Resource Hash

a40f7e82302ce2fc7131fe01cc4f91f80b9dfbe3fc8a2df7e980794bbb19e70e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: nl-NL,nl;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-length: 3493
content-type: text/html; charset=UTF-8
date: Sat, 27 Aug 2022 08:48:00 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
origin: https://optimizationguide-pa.googleapis.com
pragma: no-cache
referrer-policy: no-referrer
server: nginx
vary: Accept-Encoding
via: 1.1 2uc7onb6pxbktt1tem7e2217xmhncbce.cloudfront.net (CloudFront)
x-amz-cf-id: xBvjhTVoOpOJVtgrD9GL==
x-amz-cf-pop: SIN5-C1
x-amz-id-2: 71eHiKBH9dtTJKgCN07shic11srSbHALvjtYMPnrjkkKfIkPXiphs73NuUogY57tTNW08BkgS8f=
x-amz-request-id: OUPMD2T0J8ZVMCU5
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-powered-by: PHP/7.4.30 PleskLin
x-xss-protection: 1; mode=block

GET
H2 200 normalize.css
metamask.io-compliance.org/docs/assets/css/ 8 KB
3 KB 336ms
335ms Stylesheet
text/css 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io-compliance.org/docs/assets/css/normalize.css
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: br
etag: W/"6227e0c8-1fbf"
last-modified: Tue, 08 Mar 2022 23:03:36 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 webflow.css
metamask.io-compliance.org/docs/assets/css/ 42 KB
9 KB 336ms
335ms Stylesheet
text/css 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io-compliance.org/docs/assets/css/webflow.css
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 802e8b84706da1ef1028f35f53234a1a035d9705d28692cef23aa9f861d6fda9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: br
etag: W/"6227e0d4-a733"
last-modified: Tue, 08 Mar 2022 23:03:48 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 metamask-staging-2.webflow.css
metamask.io-compliance.org/docs/assets/css/ 138 KB
15 KB 238ms
237ms Stylesheet
text/css 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io-compliance.org/docs/assets/css/metamask-staging-2.webflow.css
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 182312e7dc69bc99a4511f87330d7103340ecb553ff5100e0a6dffc51a95f269

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: br
etag: W/"622af76c-22782"
last-modified: Fri, 11 Mar 2022 07:17:00 GMT
server: nginx
x-powered-by: PleskLin
content-type: text/css

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 68ms
20ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 07:15:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 351162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 07:15:18 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
88 KB 70ms
22ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 03:18:51 GMT
x-content-type-options: nosniff
age: 106149
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89501
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 03:18:51 GMT

GET
H2 200 sweetalert2.all.min.js Show response
metamask.io-compliance.org/docs/assets/js/ 130 KB
27 KB 238ms
238ms Script
application/javascript 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io-compliance.org/docs/assets/js/sweetalert2.all.min.js
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6faa6d2cc22eee6ab470d647df6e05854b65afb94b6bca697949e87ffdd9aa49

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: br
etag: W/"62232d86-20963"
last-modified: Sat, 05 Mar 2022 09:29:42 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 wordlists.js Show response
metamask.io-compliance.org/docs/assets/js/ 19 KB
7 KB 334ms
334ms Script
application/javascript 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io-compliance.org/docs/assets/js/wordlists.js
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 6fdbf627054ca6d4c688751f988a28196a6f634c5a54177b708399fcaeffa045

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: br
etag: W/"622a441a-4b50"
last-modified: Thu, 10 Mar 2022 18:31:54 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 error.js Show response
metamask.io-compliance.org/docs/assets/js/ 3 KB
1 KB 335ms
335ms Script
application/javascript 129.213.159.3
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io-compliance.org/docs/assets/js/error.js
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 129.213.159.3 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx / PleskLin
Resource Hash: 05021b7ce3812e2e2ad6d6d98f3fb03404fba1744751a2ceec4dc271a2dfa5e9

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: br
etag: W/"6305a080-c91"
last-modified: Wed, 24 Aug 2022 03:52:32 GMT
server: nginx
x-powered-by: PleskLin
content-type: application/javascript

GET
H2 200 mm-logo.svg
images.ctfassets.net/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/ 12 KB
4 KB 102ms
48ms Image
image/svg+xml 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/4zJfzJbG3kTDSk5Wo4RJI1/1b363263141cf629b28155e2625b56c9/mm-logo.svg
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 08:48:00 GMT
content-encoding: gzip
last-modified: Thu, 14 Oct 2021 12:34:16 GMT
server: Contentful Images API
age: 22616
etag: W/"51bcea2625eb2c6e9268a7377a792c86"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: mjV_XlbK_kJQuRCyZEi5_D0S4Gb8pFXgd2ow7yjLu9etI_IvSseq3g==
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)

GET
H2 200 dapp-aave.png
images.ctfassets.net/9sy2a0egs6zh/66xW3q4QV8YAl69ZT9tFGR/b601d5e628197b42ad92d2ac5f1929a4/ 9 KB
10 KB 105ms
52ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/66xW3q4QV8YAl69ZT9tFGR/b601d5e628197b42ad92d2ac5f1929a4/dapp-aave.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e713431d868b9b6cfea7a89d3532a4fd747f6176e8172b94550bc0ca12913450

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 04:59:19 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Sun, 17 Jul 2022 07:52:11 GMT
server: Contentful Images API
age: 13815
etag: "388fad38fd11a9b4dd69f116ba02cf2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 9708
x-amz-cf-id: XpjnZ-91QZIw1qwjp04iEzf867Hz-JG6PN4Ri4se0uyz9uFLBq-TaA==

GET
H2 200 dapp-axieinfinity.png
images.ctfassets.net/9sy2a0egs6zh/sRi3IfUyBXgEbKqIEGYOf/01c1bce3dc97d8a3ae9fbb9f30845786/ 28 KB
29 KB 65ms
26ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/sRi3IfUyBXgEbKqIEGYOf/01c1bce3dc97d8a3ae9fbb9f30845786/dapp-axieinfinity.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 0a3909d16a1177ffaeb7ccff9759c348d84b77646f779cdfe477286737e97590

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 02:05:31 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Tue, 19 Jul 2022 12:13:52 GMT
server: Contentful Images API
age: 24795
etag: "2951b53194cdf6007b8137e4307da4c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 28884
x-amz-cf-id: QLEYN1eXa-g0KIgwxZJuj-u4rqqvmyXhN-exPMvlsq8vjr4K9edW8g==

GET
H2 200 dapp-compound.png
images.ctfassets.net/9sy2a0egs6zh/5OUzGQmzOnMzYZDpRzvSjp/a963c84101729a54fade58e13046bca4/ 6 KB
6 KB 64ms
25ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/5OUzGQmzOnMzYZDpRzvSjp/a963c84101729a54fade58e13046bca4/dapp-compound.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 7785937cd3e4585680b7520f9c8748af75df87feabb3d51ef0be0e4e5daa63e8

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 02:05:31 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Wed, 17 Aug 2022 08:05:34 GMT
server: Contentful Images API
age: 24795
etag: "60287174e19977bf78ff9e97478dd4ef"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 6138
x-amz-cf-id: aLsZUuf3DtLUfNWyF47hpFie0yhMyne6IWtT8NFHLlf0idfWnkRIVw==

GET
H2 200 dapp-gitcoin.png
images.ctfassets.net/9sy2a0egs6zh/3je4UxBCkGOdxGshD4Q1yt/0c5d774242afc22255dc2df374915148/ 4 KB
5 KB 65ms
26ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/3je4UxBCkGOdxGshD4Q1yt/0c5d774242afc22255dc2df374915148/dapp-gitcoin.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e2e7d452cb6959f65161c66f421cf7c899566ffc171923c16c52622d407e8152

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:01:04 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Mon, 18 Jul 2022 04:50:04 GMT
server: Contentful Images API
age: 10213
etag: "b6b74e6fe1d11333d2af422b6c9d47c5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 4396
x-amz-cf-id: KQjXcvAEaAy_7wNjCGoQ1Q_MEckeL_CxVIGyuTMCfYSQQVypkigBag==

GET
H2 200 dapp-maker.png
images.ctfassets.net/9sy2a0egs6zh/12oxd35siV9K1gd4XqMVqX/1c0d61f9ae158806f1625a4224fc703c/ 3 KB
3 KB 64ms
25ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/12oxd35siV9K1gd4XqMVqX/1c0d61f9ae158806f1625a4224fc703c/dapp-maker.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: e80a385671c3becdc811d5445432feb032cdd8928772cb5219afe87e291c9146

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 03:16:43 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 14:50:54 GMT
server: Contentful Images API
age: 23212
etag: "9f00d277746a4d2a515e62c3832f32c2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 3196
x-amz-cf-id: 3Y-L5MLiV-EiiZ5kIbarpoD8-JVj06yIO6Y9mpLVenUdcIGxWGozyw==

GET
H2 200 dapp-opensea.png
images.ctfassets.net/9sy2a0egs6zh/4qGhgWlzcQfkICzCGJ0xVV/c6809a36e571f006f9e5c2999bfcea59/ 2 KB
2 KB 53ms
25ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/4qGhgWlzcQfkICzCGJ0xVV/c6809a36e571f006f9e5c2999bfcea59/dapp-opensea.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 72149d23cd77db0acf0dfbbf35b384f836d394b5f6e21687fa4c96751b4fafac

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 03:16:43 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Sun, 17 Jul 2022 08:13:34 GMT
server: Contentful Images API
age: 19967
etag: "c01f7dd5a427ad06d7d51186055cad8b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 2172
x-amz-cf-id: t6GuJ12E2VnqdUyq3avPsVAvWOKIStgZZpeelwfticZTF6ESoYDl4w==

GET
H2 200 dapp-rarible.png
images.ctfassets.net/9sy2a0egs6zh/4JYnVbP6bKsQgAUN1FOAxQ/9689c7760674f824f36ac46a4b646ef1/ 4 KB
4 KB 54ms
27ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/4JYnVbP6bKsQgAUN1FOAxQ/9689c7760674f824f36ac46a4b646ef1/dapp-rarible.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: b0b31cd8e1b55c67016da0589d939704903bc3d2ef236a71ba025d57fbbe2b1e

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:01:04 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Tue, 16 Aug 2022 14:44:25 GMT
server: Contentful Images API
age: 10151
etag: "1d6db943fcf968bb1c24c0986dc42c26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 3684
x-amz-cf-id: 6TbFpbBz9-HRH7j6yaMnQPe4MOi5IMYrTwUoD4vIuMZ7h1NEblholg==

GET
H2 200 dapp-uniswap.png
images.ctfassets.net/9sy2a0egs6zh/2g8PJzqRsd9qxe9oaC83ia/477b426c3ac16b257469daf0819b4d9b/ 6 KB
7 KB 52ms
24ms Image
image/webp 2600:9000:214f:9600:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/9sy2a0egs6zh/2g8PJzqRsd9qxe9oaC83ia/477b426c3ac16b257469daf0819b4d9b/dapp-uniswap.png?w=480&q=100&fm=webp
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/auth?user=MzA2NTYzNjMzNzM5NjMzNjMzNjU2NjM3NjUzMDM3MzIzNzYzNjUzNjM2MzkzNzMwNjI2MzMwNjQzMjM5MzEzNTM5NjYzMzM0MzIzNTM5Mzg=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:9600:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: 5347403d1c460c640fea9d61f86d16f18b1af9e92a1b0857a4b18784f5c8b1e5

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 27 Aug 2022 06:01:05 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Wed, 17 Aug 2022 05:11:54 GMT
server: Contentful Images API
age: 10151
etag: "d24c53890e50bce1ca105c761432e6d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-pop: FRA53-C1
content-length: 6438
x-amz-cf-id: XTv3Dx-wdlogwyoMtzWDc7RR6wxanzZ4myoChmhfjEJrOOMBmybAVA==

GET
H2 200 css
fonts.googleapis.com/ 752 B
832 B 78ms
28ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8daea9a40be31e567300edc7daeb077f232cf7c32baed3aebff9ee9260b0d5a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: nl-NL,nl;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 27 Aug 2022 07:18:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 27 Aug 2022 08:48:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 27 Aug 2022 08:48:00 GMT

GET
H2 200 EuclidCircularB-Regular-WebXL.woff2
metamask.io/fonts/ 44 KB
45 KB 50ms
14ms Font
font/woff2 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io/fonts/EuclidCircularB-Regular-WebXL.woff2
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/assets/css/metamask-staging-2.webflow.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Request headers

Referer: https://metamask.io-compliance.org/
Origin: https://metamask.io-compliance.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id: d1c0422ed18977aed303faed5982ad2e682a618f
date: Sat, 27 Aug 2022 08:48:00 GMT
via: 1.1 varnish
age: 416
x-cache: HIT
content-length: 45196
x-served-by: cache-ams21075-AMS
last-modified: Sat, 27 Aug 2022 04:04:08 GMT
server: GitHub.com
x-github-request-id: 4300:9CF4:608854:68267D:630997F6
x-timer: S1661590081.552771,VS0,VE1
etag: "630997b8-b08c"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 27 Aug 2022 04:15:10 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: MISS
x-cache-hits: 1

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/x-font-ttf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
Origin: https://metamask.io-compliance.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: application/x-font-ttf;charset=utf-8

GET
H2 200 EuclidCircularB-Bold-WebXL.woff2
metamask.io/fonts/ 44 KB
44 KB 62ms
28ms Font
font/woff2 2606:50c0:8001::153
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask.io/fonts/EuclidCircularB-Bold-WebXL.woff2
Requested by: Host: metamask.io-compliance.org
URL: https://metamask.io-compliance.org/docs/assets/css/metamask-staging-2.webflow.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:50c0:8001::153 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: GitHub.com /
Resource Hash: 88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Request headers

Referer: https://metamask.io-compliance.org/
Origin: https://metamask.io-compliance.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-fastly-request-id: 67f38ab3f3d22f4aafa31fc9af66430ae37f5cf3
date: Sat, 27 Aug 2022 08:48:00 GMT
via: 1.1 varnish
age: 416
x-cache: HIT
content-length: 44544
x-served-by: cache-ams21075-AMS
last-modified: Sat, 27 Aug 2022 04:04:08 GMT
server: GitHub.com
x-github-request-id: 9C06:8062:671AA5:6C43CE:630997F6
x-timer: S1661590081.552845,VS0,VE1
etag: "630997b8-ae00"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
expires: Sat, 27 Aug 2022 04:14:42 GMT
cache-control: max-age=600
accept-ranges: bytes
x-origin-cache: HIT
x-proxy-cache: HIT
x-cache-hits: 1

GET
H2 200 xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v18/ 8 KB
8 KB 74ms
24ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metamask.io-compliance.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 23 Aug 2022 08:47:51 GMT
x-content-type-options: nosniff
age: 345609
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7900
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 23 Aug 2023 08:47:51 GMT

GET
H2 200 xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v18/ 8 KB
9 KB 70ms
21ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://metamask.io-compliance.org
accept-language: nl-NL,nl;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 26 Aug 2022 00:44:46 GMT
x-content-type-options: nosniff
age: 115394
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8404
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 26 Aug 2023 00:44:46 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
dokwo.com/	1970-01-20 05:33:17	Name: adonis-session Value: s%3AeyJtZXNzYWdlIjoiY2w3Ym50eGwwMGk5MTBtNTJoMm9iZjVyMyIsInB1cnBvc2UiOiJhZG9uaXMtc2Vzc2lvbiJ9.6C94SMGgtx3wVbZM-wPTyGSyyvuekb171CUCQxdISeE
dokwo.com/	1970-01-20 05:33:17	Name: cl7bntxl00i910m52h2obf5r3 Value: e%3AwRTHmbkA92lMiOjmAV15G1SP8GPjN4f_mR_0blnxcMKEg0UklfxqbZUWTETF3y_95satgxzo2X6vtX2WXSlNNA.QWZzVVZDRWh0N1N5RllmLQ.Xqb7Gt9xgk8fHZt6vQmEM5HrHlMNOwLwYw5AGTHJS-I
metamask.io-compliance.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: l1peunt7fr3mqgmei997uj0o2c

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
dokwo.com
fonts.googleapis.com
fonts.gstatic.com
images.ctfassets.net
metamask.io
metamask.io-compliance.org
www.mystart.com
129.213.159.3
216.201.82.88
2600:9000:214f:9600:12:94b3:c380:93a1
2606:50c0:8001::153
2a00:1450:4001:806::200a
2a00:1450:4001:812::200a
2a00:1450:4001:828::2003
2a06:98c1:3121::3
05021b7ce3812e2e2ad6d6d98f3fb03404fba1744751a2ceec4dc271a2dfa5e9
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
0a3909d16a1177ffaeb7ccff9759c348d84b77646f779cdfe477286737e97590
182312e7dc69bc99a4511f87330d7103340ecb553ff5100e0a6dffc51a95f269
25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb
5347403d1c460c640fea9d61f86d16f18b1af9e92a1b0857a4b18784f5c8b1e5
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6faa6d2cc22eee6ab470d647df6e05854b65afb94b6bca697949e87ffdd9aa49
6fdbf627054ca6d4c688751f988a28196a6f634c5a54177b708399fcaeffa045
72149d23cd77db0acf0dfbbf35b384f836d394b5f6e21687fa4c96751b4fafac
7785937cd3e4585680b7520f9c8748af75df87feabb3d51ef0be0e4e5daa63e8
802e8b84706da1ef1028f35f53234a1a035d9705d28692cef23aa9f861d6fda9
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8daea9a40be31e567300edc7daeb077f232cf7c32baed3aebff9ee9260b0d5a0
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
a40f7e82302ce2fc7131fe01cc4f91f80b9dfbe3fc8a2df7e980794bbb19e70e
b0b31cd8e1b55c67016da0589d939704903bc3d2ef236a71ba025d57fbbe2b1e
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff
e2e7d452cb6959f65161c66f421cf7c899566ffc171923c16c52622d407e8152
e713431d868b9b6cfea7a89d3532a4fd747f6176e8172b94550bc0ca12913450
e80a385671c3becdc811d5445432feb032cdd8928772cb5219afe87e291c9146
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

metamask.io-compliance.org Open in urlscan Pro 129.213.159.3 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

75 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

337 kBTransfer

634 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

24 JavaScript Global Variables

3 Cookies

Security Headers

metamask.io-compliance.org Open in urlscan Pro
129.213.159.3 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

75 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

337 kB
Transfer

634 kB
Size

3
Cookies

24 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!