urlscan.io logo urlscan.io
SecurityTrails logo

matemasks.cloud Open in urlscan Pro
2606:4700:3032::ac43:97fa  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://matemasks.cloud/
Submission: On December 07 via automatic, source openphish — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 3 countries across 8 domains to perform 23 HTTP transactions. The main IP is 2606:4700:3032::ac43:97fa, located in United States and belongs to CLOUDFLARENET, US. The main domain is matemasks.cloud.
This is the only time matemasks.cloud was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 58.215.157.250 23650 (CHINANET-...)
1 99.86.3.46 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2408:4001:f00... 37963 (CNNIC-ALI...)
23 11
11    2606:4700:3032::ac43:97fa (United States)

ASN13335 (CLOUDFLARENET, US)
matemasks.cloud
1    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    58.215.157.250 (China)

ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN)
s4.cnzz.com
1    99.86.3.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-46.fra6.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2408:4001:f00::2f (Beijing, China)

ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN)
z3.cnzz.com
Domain Requested by
11 matemasks.cloud matemasks.cloud
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 fonts.gstatic.com fonts.googleapis.com
1 z3.cnzz.com matemasks.cloud
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net matemasks.cloud
1 s4.cnzz.com matemasks.cloud
1 cdnjs.cloudflare.com matemasks.cloud
1 www.googletagmanager.com matemasks.cloud
1 ajax.googleapis.com matemasks.cloud
0 c.cnzz.com Failed s4.cnzz.com
23 11

This site contains links to these domains. Also see Links.

Domain
www.im-tokens.store
mmap.matemasks.download
Subject Issuer Validity Valid
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.cnzz.com
GlobalSign Organization Validation CA - SHA256 - G2		 2021-01-05 -
2022-02-06		 a year crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh

This page contains 1 frames:

Primary Page: http://matemasks.cloud/
Frame ID: FAE2BBA7E7A2FD72E13518A2A0F03682
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MetaMask Download

Page Statistics

23
Requests

35 %
HTTPS

80 %
IPv6

8
Domains

11
Subdomains

11
IPs

3
Countries

499 kB
Transfer

1214 kB
Size

5
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
matemasks.cloud/ 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98466e077622024691f753e371e3229a88e098b538b8fcbc9d341f4c2ee90c30

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 07 Dec 2021 01:26:07 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
last-modified
Mon, 22 Nov 2021 20:24:40 GMT
vary
Accept-Encoding
CF-Cache-Status
DYNAMIC
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Mpxy0GWRxP3U4hbe76ioVhKWGfHUz1U2%2FT0vZ6UeSZ97p1gJueKIqoEU87xnDP8KF0ethDILiAvJsI9mAjXHIl3aXcBxfJXy3TDyijiI7KSuXvFQvxOEN6GpD0p%2Fth8Ai51mQmYhJvd2Ygst33U%3D"}],"group":"cf-nel","max_age":604800}
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
CF-RAY
6b99f6cb7d86d60c-MXP
Content-Encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
normalize.css
matemasks.cloud/css/ 		8 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/css/normalize.css
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
content-encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 18:00:28 GMT
Server
cloudflare
etag
W/"617d883c-1fbf"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m%2BCNpdb92xHj%2F1wbJL3YWzcJ19Kwsf0ysanFcCM9bxd6LUMnD%2BeyP9tP%2FKCTc4aLL58DS5LhxCLCFjEqvveJMalZinlS8bCcGPIbEnJK6L%2FNU7za9W9Ml%2BZ%2BU785zkdX0HQvBnN8NFDNCSrQnOw%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
max-age=43200
CF-RAY
6b99f6cc0dd1d60c-MXP
expires
Tue, 07 Dec 2021 13:26:08 GMT
webflow.css
matemasks.cloud/css/ 		40 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/css/webflow.css
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4201ce28fb232df36f1dec6818c4ca5f5ab47a890e8b1c45ac7834d8758dfeca

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
content-encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 18:00:44 GMT
Server
cloudflare
etag
W/"617d884c-9fd9"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=er6i%2BmDEn9trpwlhUIj4uKdMrXMULeFDWjxnZMvZDefOuLspZs%2F1jEkzurLAyYoIGKgXajB60kk4LgUIO4%2F8uqNTssmpj%2FvTnxKNTvaa7m2u9nJTFMoVrOVRaclH69EXWHEQiFtpKz%2B9juYytMo%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
max-age=43200
CF-RAY
6b99f6cc2b4b59f5-MXP
expires
Tue, 07 Dec 2021 13:26:08 GMT
metamask-staging-2.webflow.css
matemasks.cloud/css/ 		140 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/css/metamask-staging-2.webflow.css
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0303457f6f7d7fe875267dfd0bc288a0450757e6a8d4450963ef43ea79b78e6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
content-encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 18:01:02 GMT
Server
cloudflare
etag
W/"617d885e-22f58"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B3Hy92L9OKW7Y%2FTxsyu7v8XOa5C9ueQTf3zBAGizlmfaSAovXo%2FTY2bIacWDvfRm5BDa4G2hzF2C7kalStN0Qaz2bH456tEy8WGbk622KiA1s5acS9l%2FSC7ZF3OW%2FlPPKWJgDI%2FiZKoebKCy214%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
text/css
cache-control
max-age=43200
CF-RAY
6b99f6cc2b5e374e-MXP
expires
Tue, 07 Dec 2021 13:26:08 GMT
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 18:25:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25255
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 06 Dec 2022 18:25:13 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-37075177-6
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4b06d6f2f40af1dc33773ac7c5fc303462a98ccd73bfd8d3593e90ba4f775d82
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 01:26:08 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36231
x-xss-protection
0
last-modified
Tue, 07 Dec 2021 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 07 Dec 2021 01:26:08 GMT
bowser.min.js
cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/bowser/1.9.4/bowser.min.js
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
http://matemasks.cloud/
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 01:26:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
6429265
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
2561
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:06:40 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03d90-1edd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgRPlysH8m5DqcvRCtsu3i40BZWosLFi%2Bwmq0DZ8p9dLgiM2TlJpxek8MiV%2B%2BhoKgiqjuMi3Mi0bsCU9JtXg9tbcfgNHvfrO3ZgD9Jnb0U6yDmAgS7xociSmkMPUVILX84R5zWmTCHPoLyDN5ulV9DNv"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6b99f6cc4d69d600-MXP
expires
Sun, 27 Nov 2022 01:26:08 GMT
mm-logo.svg
matemasks.cloud/images/ 		12 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://matemasks.cloud/images/mm-logo.svg
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
last-modified
Sat, 30 Oct 2021 18:02:46 GMT
Server
cloudflare
etag
W/"617d88c6-2ef3"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5Vh%2BJB5ZRidh%2FqE96lfsCQu2WymSC0o3Y%2FIMyrXvF1utt4TJxryHtoqhNZotl%2FJpFdu7qvmlJAj%2BE0qAuwpGqFhSZKdj3vRRPulSSW3ZfL2s6OOfwHX1yRvR2QwBnjYBWbXjaKwGu893YZ7z0M%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/svg+xml
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Cache-Control
max-age=14400
Transfer-Encoding
chunked
Connection
keep-alive
CF-RAY
6b99f6ccbbd759f5-MXP
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
download-extension-p-800.png
matemasks.cloud/images/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://matemasks.cloud/images/download-extension-p-800.png
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87644982f01044c06aa36da2713d8b652ffa95af674e22cbc7019f6415ad12d2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
27701
last-modified
Sat, 30 Oct 2021 18:10:14 GMT
Server
cloudflare
etag
"617d8a86-6c35"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IGBlIGtPNMJR9Xo4VGBlxGOoBEtCnzuWFaY8A7WiQLFx9%2FlfUnuba%2Fco2dAwkjMclKPG6GCxH6cpZzQrczP0%2F9e9Usj%2BZ1j6SlLYhkaNJT4FIUK7kz1QTSSER%2FNZpKUI1fcTCfoHr9oVCGh4a6s%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
6b99f6ccbe41d60c-MXP
expires
Thu, 06 Jan 2022 01:26:08 GMT
download-ios-p-800.png
matemasks.cloud/images/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://matemasks.cloud/images/download-ios-p-800.png
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13c6d99edad1de7e82983bd0c7fd154513e4c06e29a665d94ead2512f60d33ce

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
28529
last-modified
Sat, 30 Oct 2021 18:10:22 GMT
Server
cloudflare
etag
"617d8a8e-6f71"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MYoEpcWECnfFPZVEY3qRMKIkgPOAr8ZrRRn%2BSkSEaDCAVYdbuPr7%2BAZoYMYUcYUDI2zf3YW4gGkObLv9Bz79Ni%2FaVV01P0k33cfrY6OqTIOLuNxfnGK0uC9vRjLtWULsrTXGhBm8jZQoxglUU7I%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
6b99f6cceaab5a2b-MXP
expires
Thu, 06 Jan 2022 01:26:08 GMT
download-android-p-800.png
matemasks.cloud/images/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://matemasks.cloud/images/download-android-p-800.png
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b8eaa78003163540fcc8338d3905798c11153211a28c60c59b125a4784954d0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
30632
last-modified
Sat, 30 Oct 2021 18:10:28 GMT
Server
cloudflare
etag
"617d8a94-77a8"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sv2L7U1khKQ4Zh%2BjotWC%2FURMpsrrgjRePwlhrAIA4jnnh%2BQO2CW1F4we75oW57HVgQKum3ZUw27eCjFaKbzvUIPJoGTl%2FkQUfzMBPA%2Fv%2FHopu3hwWtGDgbd6fZm2V9JALTYG9ogkzu4tNnW5QIM%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
image/png
cache-control
max-age=2592000
Accept-Ranges
bytes
CF-RAY
6b99f6cd1c2d59f5-MXP
expires
Thu, 06 Jan 2022 01:26:08 GMT
z_stat.php
s4.cnzz.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.cnzz.com/z_stat.php?id=1280511018&web_id=1280511018
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
58.215.157.250 , China, ASN23650 (CHINANET-JIANGSU-PROVINCE-IDC AS Number for CHINANET jiangsu province backbone, CN),
Reverse DNS
Software
Tengine / PHP/5.5.25
Resource Hash
701ace96f520914f22ab2227ebcf0cee65f032efe26a6276be8aeb5f1e2db2ac

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 22:36:02 GMT
content-encoding
gzip
age
10211
x-powered-by
PHP/5.5.25
x-cache
HIT TCP_MEM_HIT dirn:7:294496929
x-swift-cachetime
10800
x-swift-savetime
Mon, 06 Dec 2021 22:36:02 GMT
content-length
4049
last-modified
Mon, 06 Dec 2021 22:36:02 GMT
server
Tengine
vary
Accept-Encoding
ali-swift-global-savetime
1638830162
content-type
application/javascript
via
cache40.l2cn2656[41,41,200-0,M], cache9.l2cn2656[42,0], cache16.cn2175[0,0,200-0,H], cache8.cn2175[1,0]
cache-control
max-age=5400,s-maxage=10800
timing-allow-origin
*
eagleid
3ad79d1c16388403736076490e
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=604ec65d7935b45ce251b35e
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.3.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-3-46.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
http://matemasks.cloud/
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 06 Dec 2021 20:53:38 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
16351
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 a56d6b55603697d6c44b19d4f907baaa.cloudfront.net (CloudFront)
cache-control
max-age=84600, must-revalidate
x-amz-cf-pop
FRA6-C1
x-amz-cf-id
lVi1s8GS4JEDZCcwbgXbIyjj5zN1HyjKLBOk3vqq8dGzkNnZddsv6A==
webflow.js
matemasks.cloud/js/ 		555 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/js/webflow.js
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e9596be4245c771dd43a5b22c07b2f5034b042f002fe7d83365ace455f2eff3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
content-encoding
gzip
CF-Cache-Status
MISS
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Transfer-Encoding
chunked
Connection
keep-alive
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified
Sat, 30 Oct 2021 17:58:40 GMT
Server
cloudflare
etag
W/"617d87d0-8acac"
vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1yo2RT63bZKVzUTFMZVzHB2WOIaoCDlXvVcw9KKNZCYuafNG925tmQ%2B2YeKUNXnH0edwp%2FqpTZjf9BA56fdwa8OI3WJmv422YOcSfVzHXXDMc6NOYWPaDMNG4UuBxW6s8GdScxpfEkBPYhJWyI%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
cache-control
max-age=43200
CF-RAY
6b99f6ccbb9d374e-MXP
expires
Tue, 07 Dec 2021 13:26:08 GMT
css
fonts.googleapis.com/ 		750 B
934 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Changa+One:400,400italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
HTTP/1.1
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f5d23f275260f96c98fe0cf7365b73707d8151b43332f476fefadb2e5706ce37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Tue, 07 Dec 2021 01:26:08 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Tue, 07 Dec 2021 01:26:08 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845

Request headers

Referer
http://matemasks.cloud/
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
application/x-font-ttf;charset=utf-8
EuclidCircularB-Regular-WebXL.woff2
matemasks.cloud/fonts/ 		44 KB
45 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/fonts/EuclidCircularB-Regular-WebXL.woff2
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/css/metamask-staging-2.webflow.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Request headers

Referer
http://matemasks.cloud/css/metamask-staging-2.webflow.css
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
CF-Cache-Status
MISS
last-modified
Sat, 30 Oct 2021 18:07:02 GMT
Server
cloudflare
etag
"617d89c6-b08c"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EjGjuh%2FuiuPlT3akiYuFTxsU%2FI0FMhGhamqBw3zXbcDJI8k4ve5I29iTFEUbKBL4W%2BEDSEExjIeEwUsIGbgwl%2B0wlShmrBH%2FLWUB3wvRJNLVWxEjMLCKr8a0OFFfFa2A2%2BUQcNw06C%2F3GkA0GdU%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b99f6ccd91a0f7a-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
45196
EuclidCircularB-Bold-WebXL.woff2
matemasks.cloud/fonts/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://matemasks.cloud/fonts/EuclidCircularB-Bold-WebXL.woff2
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/css/metamask-staging-2.webflow.css
Protocol
HTTP/1.1
Server
2606:4700:3032::ac43:97fa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Request headers

Referer
http://matemasks.cloud/css/metamask-staging-2.webflow.css
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 07 Dec 2021 01:26:08 GMT
CF-Cache-Status
MISS
last-modified
Sat, 30 Oct 2021 18:06:38 GMT
Server
cloudflare
etag
"617d89ae-ae00"
Vary
Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1EVHy7gnvZkwjCNixjbH2dWGWOOqp2PVOsfxPee8I4M5oCJjP%2FUSVO7PG0OxEj7qKqZyTiQH5TsThRO95OSFTsHe0wczu2a0GWQp0S%2Bi1Oyp9B8AHKhKBZQOs4%2B9heaWrce3yzFHKa4iYebiS9Q%3D"}],"group":"cf-nel","max_age":604800}
Content-Type
font/woff2
Cache-Control
max-age=14400
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
6b99f6ccdd013757-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
Content-Length
44544
xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v13/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/changaone/v13/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Changa+One:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Tue, 30 Nov 2021 18:15:21 GMT
X-Content-Type-Options
nosniff
Age
544247
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
7924
X-XSS-Protection
0
Last-Modified
Tue, 01 Sep 2020 04:39:55 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Wed, 30 Nov 2022 18:15:21 GMT
xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
fonts.gstatic.com/s/changaone/v13/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://fonts.gstatic.com/s/changaone/v13/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
Requested by
Host: fonts.googleapis.com
URL: http://fonts.googleapis.com/css?family=Changa+One:400,400italic
Protocol
HTTP/1.1
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://fonts.googleapis.com/
Origin
http://matemasks.cloud
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Date
Wed, 01 Dec 2021 20:20:40 GMT
X-Content-Type-Options
nosniff
Age
450328
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy
cross-origin
Content-Length
8364
X-XSS-Protection
0
Last-Modified
Tue, 01 Sep 2020 04:36:56 GMT
Server
sffe
Report-To
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Content-Type
font/woff2
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Cross-Origin-Opener-Policy-Report-Only
same-origin; report-to="apps-themes"
Expires
Thu, 01 Dec 2022 20:20:40 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37075177-6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6665
date
Mon, 06 Dec 2021 23:35:03 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Tue, 07 Dec 2021 01:35:03 GMT
collect
www.google-analytics.com/j/ 		1 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1342726727&t=pageview&_s=1&dl=http%3A%2F%2Fmatemasks.cloud%2F&ul=en-us&de=UTF-8&dt=MetaMask%20Download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1155696668&gjid=1209630137&cid=1634338528.1638840368&tid=UA-37075177-6&_gid=313575185.1638840368&_r=1&gtm=2ouc10&z=845833258
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://matemasks.cloud/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 07 Dec 2021 01:26:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
http://matemasks.cloud
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
core.php
c.cnzz.com/ 		0
0
stat.htm
z3.cnzz.com/ 		2 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://z3.cnzz.com/stat.htm?id=1280511018&r=&lg=en-us&ntime=none&cnzz_eid=865671528-1638830162-&showp=1600x1200&p=http%3A%2F%2Fmatemasks.cloud%2F&t=MetaMask%20Download&umuuid=17d927f91df385-0a6d6b2902d6b3-978183a-1d4c00-17d927f91e010d1&h=1&rnd=1678721071
Requested by
Host: matemasks.cloud
URL: http://matemasks.cloud/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2408:4001:f00::2f Beijing, China, ASN37963 (CNNIC-ALIBABA-CN-NET-AP Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://matemasks.cloud/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 07 Dec 2021 01:26:15 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/html; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
c.cnzz.com
URL
https://c.cnzz.com/core.php?web_id=1280511018&t=z

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| WebFont function| gtag object| dataLayer object| bowser object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData object| _cz_loaded string| _cz_account object| _czc object| _CNZZDbridge_1280511018 object| cnzz_image_1074654529 function| $ function| jQuery function| tram object| Webflow

5 Cookies

Domain/Path Name / Value
.matemasks.cloud/ Name: _ga
Value: GA1.2.1634338528.1638840368
.matemasks.cloud/ Name: _gid
Value: GA1.2.313575185.1638840368
.matemasks.cloud/ Name: _gat_gtag_UA_37075177_6
Value: 1
.matemasks.cloud/ Name: UM_distinctid
Value: 17d927f91df385-0a6d6b2902d6b3-978183a-1d4c00-17d927f91e010d1
matemasks.cloud/ Name: CNZZDATA1280511018
Value: 865671528-1638830162-%7C1638830162

3 Console Messages

Source Level URL
Text
javascript warning URL: https://s4.cnzz.com/z_stat.php?id=1280511018&web_id=1280511018
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1280511018&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://s4.cnzz.com/z_stat.php?id=1280511018&web_id=1280511018
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://c.cnzz.com/core.php?web_id=1280511018&t=z, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://c.cnzz.com/core.php?web_id=1280511018&t=z
Message:
Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
c.cnzz.com
cdnjs.cloudflare.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
matemasks.cloud
s4.cnzz.com
www.google-analytics.com
www.googletagmanager.com
z3.cnzz.com
c.cnzz.com
2408:4001:f00::2f
2606:4700:3032::ac43:97fa
2606:4700::6810:125e
2a00:1450:4001:801::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80e::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82f::200a
58.215.157.250
99.86.3.46
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
13c6d99edad1de7e82983bd0c7fd154513e4c06e29a665d94ead2512f60d33ce
25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb
2e9596be4245c771dd43a5b22c07b2f5034b042f002fe7d83365ace455f2eff3
4201ce28fb232df36f1dec6818c4ca5f5ab47a890e8b1c45ac7834d8758dfeca
4b06d6f2f40af1dc33773ac7c5fc303462a98ccd73bfd8d3593e90ba4f775d82
5b8eaa78003163540fcc8338d3905798c11153211a28c60c59b125a4784954d0
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
701ace96f520914f22ab2227ebcf0cee65f032efe26a6276be8aeb5f1e2db2ac
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
87644982f01044c06aa36da2713d8b652ffa95af674e22cbc7019f6415ad12d2
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
98466e077622024691f753e371e3229a88e098b538b8fcbc9d341f4c2ee90c30
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b0303457f6f7d7fe875267dfd0bc288a0450757e6a8d4450963ef43ea79b78e6
b52f6b6011741e76cefa2be41164bbc9b33bba334b9ad15b03abad37b609d983
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5d23f275260f96c98fe0cf7365b73707d8151b43332f476fefadb2e5706ce37
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d