{"report_id":"45b01eb8-81ae-4b67-866c-46fdc293118e","version":6,"status":"done","tags":["malicious","clickfix"],"date":"2026-05-06T19:39:07Z","url":{"schema":"http","addr":"votes-lido.app","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"104.21.34.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"final":{"url":{"schema":"https","addr":"votes-lido.app/","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"title":"Lido Liquid Staking","dom":{"size":0,"mime_type":"text/plain; charset=utf-8","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","dom_hash":"domhash1f07f384c75181c66badb60ab1ec770b","first_seen":"","last_seen":"","times_seen":0,"resource_available":false,"data":null}},"submit":{"url":{"schema":"http","addr":"votes-lido.app","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"104.21.34.35","port":0,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"tags":null,"meta":null},"settings":{"access":"public","device_type":"desktop","expires_at":"2027-06-10T19:39:07Z","useragent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0","referer":"","cookies":null,"exit_node":"z0yflva4pidy47h"},"stats":{"alert_count":{"ids":0,"urlquery":2,"analyzer":0}},"detection":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malicious - Copy/Paste Social Engineering (ClickFix)","verdict":"malicious","severity":"medium","comment":"","tags":["malicious","clickfix"],"meta":null},{"sensor_name":"urlquery","alert":"Malicious - Copy/Paste Social Engineering (ClickFix)","verdict":"malicious","severity":"medium","comment":"","tags":["malicious","clickfix"],"meta":null}]},"summary":[{"fqdn":"votes-lido.app","ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"domain_registered":"unknown","domain_rank":0,"first_seen":"No data","last_seen":"No data","alert_count":3,"request_count":5,"received_data":43110057,"sent_data":2212,"comment":"","tags":null,"fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}]},{"fqdn":"rpc-mainnet.matic.quiknode.pro","ip":{"addr":"150.136.141.142","port":443,"asn":31898,"as":"ORACLE-BMC-31898","country":"United States","country_code":"US"},"domain_registered":"2018-01-05","domain_rank":2989773,"first_seen":"2021-05-19T17:40:41Z","last_seen":"2026-05-03T02:33:41.611548Z","alert_count":0,"request_count":2,"received_data":1027,"sent_data":1046,"comment":"","tags":null,"fingerprints":null}],"files":null,"artifacts":{"windows_shortcuts":null,"files":null,"telegram":null,"pdfs":null,"clipboard":null},"sensors":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malicious - Copy/Paste Social Engineering (ClickFix)","verdict":"malicious","severity":"medium","comment":"","tags":["malicious","clickfix"],"meta":null}]},"javascript":{"script":[{"url":{"schema":"https","addr":"votes-lido.app/","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"introduction_type":"Function","is_inline":false,"md5":"2d6cad343d3a2b39a83a6ee4d97b1c83","sha1":"cc525fd6bcdf9602f5d3ffaac1c2885c09098fee","sha256":"54b5755ecd88001b54a9ba70ed1d78d9d3a6bf692aaa0fbe57b3831c5d996d50","sha512":"e1b27e161b169d5c5ea25d50d8469b086f403a127e3e5c2a6a19cfa7b5ec7084e43b1d80b7839190698edfc6b48c6badcc9f2781d785b2e13033a2976522a0be","ssdeep":"192:ISEEBVoggSJuwBkMhjx9mEMEDzr9hsBToO52uZGUvsJCmO5Z1Mz91vscKBhrcgWs:sESv+9mSrmZhvsJ/iZ1MwBhmfQ44","tlshash":"7242d7643d6384b542f800e110be9105f9bbe71138cdc0d4b1df9d460baf6aab1b7a2e","size":12833,"data":"","first_seen":"2026-05-04T09:17:23.43804Z","last_seen":"2026-05-06T23:06:28.604179Z","times_seen":8,"alerts":{"ids":null,"analyzer":null,"urlquery":null}}],"eval":null,"write":null,"console":null},"http":[{"url":{"schema":"https","addr":"votes-lido.app/","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":true,"resource_type":"document","requested_by":"","date":"2026-05-06T19:38:39.748Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"votes-lido.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 07:53:55 GMT","end":"Mon, 03 Aug 2026 07:53:54 GMT"},"fingerprint":{"sha1":"36:AC:59:4E:96:FE:42:25:99:12:8F:12:4D:3F:13:64:68:AC:91:E1","sha256":"53:5C:D3:70:BB:EA:58:3D:17:FC:C2:9C:D3:9F:4E:04:94:E0:2D:5F:BC:75:18:88:75:FB:E3:4B:E5:D6:EA:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: votes-lido.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nUpgrade-Insecure-Requests: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: document\r\nSec-Fetch-Mode: navigate\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/2 200 OK\r\ndate: Wed, 06 May 2026 19:38:39 GMT\r\ncontent-type: text/html; charset=utf-8\r\nserver: cloudflare\r\nlast-modified: Mon, 04 May 2026 03:05:58 GMT\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\nvary: accept-encoding\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=lc7z%2BV7jSgytbCzxCSoKqdFUqmpH%2BenRc7gLUS5K5xlxWx61wNE7Iabcr3mBGoBOV2CizepqE8CHw%2FvL6NH2Qy%2Flhp8D3rZRY%2BVcChX%2BL7e4BBm6hDcjeVlfntPMLcaYOg%3D%3D\"}]}\r\ncf-cache-status: DYNAMIC\r\ncontent-encoding: br\r\ncf-ray: 9f7a724eedadb521-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11997549,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19346)","md5":"850240067982424bb92eb78a1c6fad98","sha1":"d5e66fcebd0c84792e4020e77f9fd30314ce92af","sha256":"c6408c862188a9b1b3655197bad630d62b2331811b2ade9374f1a07b6cd6b657","sha512":"6cde2e263e9e8251f2ab8b7a4c114008be9be1cebcaf164005f98b6fbbf07008d6db0f5496cfbfb94d874734a7834f8cc2149233576d663243e1c0e365edaa3b","ssdeep":"12288:AfHc3G2DOqFrIfdrIfR7NLgiHAEslYyBNZ2RXwhGAM7EzSGcJIMzNqw1YlqX4c9c:AqHIJI57ZAEsyyfM7cwJDAw1YK1qz","tlshash":"7025bffe7170352de00bc62fdb8eed8c98a4248bfa2145c5fadb838d85cb5d1aa54534","first_seen":"2026-05-06T19:39:13.000702Z","last_seen":"2026-05-06T19:44:05.730353Z","times_seen":2,"resource_available":true,"data":null}},"time_used":230,"timings":{"blocked":72,"dns":58,"connect":1,"send":0,"wait":85,"receive":0,"ssl":11},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malicious - Copy/Paste Social Engineering (ClickFix)","verdict":"malicious","severity":"medium","comment":"","tags":["malicious","clickfix"],"meta":null}]}},{"url":{"schema":"https","addr":"votes-lido.app/assets/eleven.js","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"script","requested_by":"https://votes-lido.app/","date":"2026-05-06T19:38:40.028Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"votes-lido.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 07:53:55 GMT","end":"Mon, 03 Aug 2026 07:53:54 GMT"},"fingerprint":{"sha1":"36:AC:59:4E:96:FE:42:25:99:12:8F:12:4D:3F:13:64:68:AC:91:E1","sha256":"53:5C:D3:70:BB:EA:58:3D:17:FC:C2:9C:D3:9F:4E:04:94:E0:2D:5F:BC:75:18:88:75:FB:E3:4B:E5:D6:EA:8D"}}},"request":{"raw":"GET /assets/eleven.js HTTP/1.1\r\nHost: votes-lido.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://votes-lido.app/\r\nSec-Fetch-Dest: script\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 06 May 2026 19:38:40 GMT\r\ncontent-type: application/javascript; charset=utf-8\r\nlast-modified: Sun, 26 Apr 2026 00:18:30 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\netag: W/\"69ed59d6-6c8ccd\"\r\ncontent-encoding: gzip\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=G7x1VDO3TehF8zV3FwX3OuKVyBofBau6G%2FcV9hMZl7Ez6UAxQFWHsjCoEXp9iiWgwcw0vry%2ByU4zTVNFFvXhRc9750O88d0RCtaFZq9BhxhG8PQonRlaUDdy41pn%2By0vow%3D%3D\"}]}\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f7a7250292a568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":7113933,"size_decoded":0,"mime_type":"application/javascript; charset=utf-8","magic":"JavaScript source, ASCII text, with very long lines (65536), with no line terminators","md5":"62851808d35a19a388e28322acb50c32","sha1":"9246ecbbf04b8321f24277696e6da8e50e453c3b","sha256":"1dcc048947d4b37eb39849e83a5a99a6e5d5448d0871e1a2f1265c0c2b956ad5","sha512":"d1a55d3b22d1ee3091f90b55fa323ab28cea8348c4f9b8fcfd9dba59bb8174720004b5fd0ae42d72bbd2f648be559898aefbade4ba6478c6d2267bd8c8dddf84","ssdeep":"24576:apfRyhK29Fcq5jIDfgVoOVta8ZIWAcFBra+y:aK4MO","tlshash":"c42507cf27d9b5551212307b3d1a2093e4aecc99b98ccd94f797ac2ef84c72ca1b5624","first_seen":"2026-04-24T15:23:09.416345Z","last_seen":"2026-05-27T01:11:41.354041Z","times_seen":166,"resource_available":false,"data":null}},"time_used":494,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":92,"receive":402,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"votes-lido.app/","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"font","requested_by":"https://votes-lido.app/","date":"2026-05-06T19:38:40.034Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"votes-lido.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 07:53:55 GMT","end":"Mon, 03 Aug 2026 07:53:54 GMT"},"fingerprint":{"sha1":"36:AC:59:4E:96:FE:42:25:99:12:8F:12:4D:3F:13:64:68:AC:91:E1","sha256":"53:5C:D3:70:BB:EA:58:3D:17:FC:C2:9C:D3:9F:4E:04:94:E0:2D:5F:BC:75:18:88:75:FB:E3:4B:E5:D6:EA:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: votes-lido.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://votes-lido.app/\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: font\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 06 May 2026 19:38:40 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Mon, 04 May 2026 03:05:58 GMT\r\nvary: accept-encoding\r\npriority: u=3,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=373%2BdTPz2vzStOllOyHyXUALzAxHCnh%2BBX9ocMHxiHD%2BAfZ7CQEc06DyNnCvcJyKQm8oojeXbHb4%2BlzGClJkQxFUQh3OwrR%2BiupYfmMT16q1gAC7217zZGLCXI6K6ASdEA%3D%3D\"}]}\r\ncf-ray: 9f7a7250392c568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11997549,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19346)","md5":"850240067982424bb92eb78a1c6fad98","sha1":"d5e66fcebd0c84792e4020e77f9fd30314ce92af","sha256":"c6408c862188a9b1b3655197bad630d62b2331811b2ade9374f1a07b6cd6b657","sha512":"6cde2e263e9e8251f2ab8b7a4c114008be9be1cebcaf164005f98b6fbbf07008d6db0f5496cfbfb94d874734a7834f8cc2149233576d663243e1c0e365edaa3b","ssdeep":"12288:AfHc3G2DOqFrIfdrIfR7NLgiHAEslYyBNZ2RXwhGAM7EzSGcJIMzNqw1YlqX4c9c:AqHIJI57ZAEsyyfM7cwJDAw1YK1qz","tlshash":"7025bffe7170352de00bc62fdb8eed8c98a4248bfa2145c5fadb838d85cb5d1aa54534","first_seen":"2026-05-06T19:39:13.000702Z","last_seen":"2026-05-06T19:44:05.730353Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1038,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":84,"receive":954,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malicious - Copy/Paste Social Engineering (ClickFix)","verdict":"malicious","severity":"medium","comment":"","tags":["malicious","clickfix"],"meta":null}]}},{"url":{"schema":"https","addr":"rpc-mainnet.matic.quiknode.pro/","fqdn":"rpc-mainnet.matic.quiknode.pro","domain":"quiknode.pro","tld":"pro"},"ip":{"addr":"150.136.141.142","port":443,"asn":31898,"as":"ORACLE-BMC-31898","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://votes-lido.app/","date":"2026-05-06T19:38:40.044Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.matic.quiknode.pro","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 19:00:00 GMT","end":"Sun, 31 May 2026 18:59:59 GMT"},"fingerprint":{"sha1":"02:83:6D:DB:CA:18:CD:B3:5C:F5:94:9D:AC:8F:3E:87:CD:9C:DA:DF","sha256":"98:DA:12:2E:FC:0F:89:2D:D2:11:9F:81:3F:A0:62:53:A5:75:D7:97:B9:13:44:7A:9D:19:C5:66:C7:43:B1:FA"}}},"request":{"raw":"OPTIONS / HTTP/1.1\r\nHost: rpc-mainnet.matic.quiknode.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: */*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nAccess-Control-Request-Method: POST\r\nAccess-Control-Request-Headers: content-type\r\nReferer: https://votes-lido.app/\r\nOrigin: https://votes-lido.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"OPTIONS"},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Authorization,User-Agent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: https://votes-lido.app\r\nvary: Accept-Encoding\r\nx-node-id: polygon_matic_iad\r\ncontent-length: 0\r\ndate: Wed, 06 May 2026 19:38:40 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":0,"size_decoded":0,"mime_type":"text/plain","magic":"","md5":"d41d8cd98f00b204e9800998ecf8427e","sha1":"da39a3ee5e6b4b0d3255bfef95601890afd80709","sha256":"e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855","sha512":"cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e","ssdeep":"","tlshash":"","first_seen":"0001-01-01T00:00:00Z","last_seen":"2026-06-07T21:34:24.355052Z","times_seen":16222068,"resource_available":true,"data":null}},"time_used":573,"timings":{"blocked":239,"dns":25,"connect":94,"send":0,"wait":95,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"votes-lido.app/","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"stylesheet","requested_by":"https://votes-lido.app/","date":"2026-05-06T19:38:40.046Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"votes-lido.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 07:53:55 GMT","end":"Mon, 03 Aug 2026 07:53:54 GMT"},"fingerprint":{"sha1":"36:AC:59:4E:96:FE:42:25:99:12:8F:12:4D:3F:13:64:68:AC:91:E1","sha256":"53:5C:D3:70:BB:EA:58:3D:17:FC:C2:9C:D3:9F:4E:04:94:E0:2D:5F:BC:75:18:88:75:FB:E3:4B:E5:D6:EA:8D"}}},"request":{"raw":"GET / HTTP/1.1\r\nHost: votes-lido.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: text/css,*/*;q=0.1\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://votes-lido.app/\r\nSec-Fetch-Dest: style\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 200 OK\r\nserver: cloudflare\r\ndate: Wed, 06 May 2026 19:38:41 GMT\r\ncontent-type: text/html; charset=utf-8\r\nlast-modified: Mon, 04 May 2026 03:05:58 GMT\r\nvary: accept-encoding\r\npriority: u=2,i=?0\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncontent-encoding: br\r\ncf-cache-status: DYNAMIC\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=3Jb%2FdXaxNhijAraqiqZUZ6BD9KgXSUu9ACXerFO3h0WQVYd2KYh51YS1seKjniV9ITl08JooTMoxyYFW9o3WA0Ba1rYefbhsHhJIVBKpB08dYXuPV2aUImUD%2FchMLk2UAA%3D%3D\"}]}\r\ncf-ray: 9f7a7250492e568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":11997549,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with very long lines (19346)","md5":"850240067982424bb92eb78a1c6fad98","sha1":"d5e66fcebd0c84792e4020e77f9fd30314ce92af","sha256":"c6408c862188a9b1b3655197bad630d62b2331811b2ade9374f1a07b6cd6b657","sha512":"6cde2e263e9e8251f2ab8b7a4c114008be9be1cebcaf164005f98b6fbbf07008d6db0f5496cfbfb94d874734a7834f8cc2149233576d663243e1c0e365edaa3b","ssdeep":"12288:AfHc3G2DOqFrIfdrIfR7NLgiHAEslYyBNZ2RXwhGAM7EzSGcJIMzNqw1YlqX4c9c:AqHIJI57ZAEsyyfM7cwJDAw1YK1qz","tlshash":"7025bffe7170352de00bc62fdb8eed8c98a4248bfa2145c5fadb838d85cb5d1aa54534","first_seen":"2026-05-06T19:39:13.000702Z","last_seen":"2026-05-06T19:44:05.730353Z","times_seen":2,"resource_available":true,"data":null}},"time_used":1997,"timings":{"blocked":0,"dns":0,"connect":0,"send":0,"wait":1103,"receive":894,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":[{"sensor_name":"urlquery","alert":"Malicious - Copy/Paste Social Engineering (ClickFix)","verdict":"malicious","severity":"medium","comment":"","tags":["malicious","clickfix"],"meta":null}]}},{"url":{"schema":"https","addr":"rpc-mainnet.matic.quiknode.pro/","fqdn":"rpc-mainnet.matic.quiknode.pro","domain":"quiknode.pro","tld":"pro"},"ip":{"addr":"150.136.141.142","port":443,"asn":31898,"as":"ORACLE-BMC-31898","country":"United States","country_code":"US"},"is_navigation_request":false,"resource_type":"fetch","requested_by":"https://votes-lido.app/","date":"2026-05-06T19:38:40.450Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"*.matic.quiknode.pro","organization":""},"issuer":{"commonName":"E8","organization":"Let's Encrypt"},"validity":{"start":"Mon, 02 Mar 2026 19:00:00 GMT","end":"Sun, 31 May 2026 18:59:59 GMT"},"fingerprint":{"sha1":"02:83:6D:DB:CA:18:CD:B3:5C:F5:94:9D:AC:8F:3E:87:CD:9C:DA:DF","sha256":"98:DA:12:2E:FC:0F:89:2D:D2:11:9F:81:3F:A0:62:53:A5:75:D7:97:B9:13:44:7A:9D:19:C5:66:C7:43:B1:FA"}}},"request":{"raw":"POST / HTTP/1.1\r\nHost: rpc-mainnet.matic.quiknode.pro\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: application/json\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nReferer: https://votes-lido.app/\r\nContent-Type: application/json\r\nContent-Length: 136\r\nOrigin: https://votes-lido.app\r\nDNT: 1\r\nConnection: keep-alive\r\nSec-Fetch-Dest: empty\r\nSec-Fetch-Mode: cors\r\nSec-Fetch-Site: cross-site\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"POST","post_data":{"size":136,"data":"{\"jsonrpc\":\"2.0\",\"method\":\"eth_call\",\"params\":[{\"to\":\"0x7CB2F4b647D110aAeA4aE139cAD761fEf5cF1896\",\"data\":\"0xb68d1809\"},\"latest\"],\"id\":1}"}},"response":{"raw":"HTTP/2 200 OK\r\naccess-control-allow-credentials: true\r\naccess-control-allow-headers: Content-Type,Authorization,User-Agent\r\naccess-control-allow-methods: GET, POST, OPTIONS\r\naccess-control-allow-origin: https://votes-lido.app\r\ncontent-type: application/json\r\nvary: Accept-Encoding\r\nx-host-id: f1b546936d23e3b5-21dc26861bc646cd\r\nx-node-id: polygon_matic_iad\r\ncontent-length: 231\r\ndate: Wed, 06 May 2026 19:38:40 GMT\r\nX-Firefox-Spdy: h2\r\n\r\n","headers":null,"cookies":null,"status_code":"200","status_text":"OK","fingerprints":null,"data":{"size":231,"size_decoded":0,"mime_type":"application/json","magic":"JSON text data","md5":"44c391b6e163aaf3c3f91cb24c6b6123","sha1":"48973d4cd97cdb433eaf3741d5a18e6c7ec10c27","sha256":"e114c23bc79fbd3b1c75cbfd4568e23a7db2ca3f7a9a7d778334962386578219","sha512":"828ea66d448439451c0cf087a664abe86097517141f4d8ab92d44c46d8c4bc6c7aea805e124b48fd66693aab3019fa9a5b228900cb4a3e8461105a215142540b","ssdeep":"","tlshash":"37d012e4041bcf72e0b8498eb048b10071767f5fccc50e869a0c0dc461e8142b714333","first_seen":"2026-05-04T09:17:23.426164Z","last_seen":"2026-05-06T23:06:28.595502Z","times_seen":10,"resource_available":false,"data":null}},"time_used":96,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":96,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}},{"url":{"schema":"https","addr":"votes-lido.app/favicon.ico","fqdn":"votes-lido.app","domain":"votes-lido.app","tld":"app"},"ip":{"addr":"172.67.167.218","port":443,"asn":13335,"as":"CLOUDFLARENET","country":"","country_code":"zz"},"is_navigation_request":false,"resource_type":"img","requested_by":"https://votes-lido.app/","date":"2026-05-06T19:38:42.671Z","timestamp":0,"http_version":"","security_state":"secure","security_info":{"cipher_suite":"TLS_AES_128_GCM_SHA256","key_group_name":"x25519","signature_name":"ECDSA-P256-SHA256","protocol":"TLSv1.3","cert":{"subject":{"commonName":"votes-lido.app","organization":""},"issuer":{"commonName":"E7","organization":"Let's Encrypt"},"validity":{"start":"Tue, 05 May 2026 07:53:55 GMT","end":"Mon, 03 Aug 2026 07:53:54 GMT"},"fingerprint":{"sha1":"36:AC:59:4E:96:FE:42:25:99:12:8F:12:4D:3F:13:64:68:AC:91:E1","sha256":"53:5C:D3:70:BB:EA:58:3D:17:FC:C2:9C:D3:9F:4E:04:94:E0:2D:5F:BC:75:18:88:75:FB:E3:4B:E5:D6:EA:8D"}}},"request":{"raw":"GET /favicon.ico HTTP/1.1\r\nHost: votes-lido.app\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0\r\nAccept: image/avif,image/webp,*/*\r\nAccept-Language: en-US,en;q=0.5\r\nAccept-Encoding: gzip, deflate, br\r\nDNT: 1\r\nConnection: keep-alive\r\nReferer: https://votes-lido.app/\r\nSec-Fetch-Dest: image\r\nSec-Fetch-Mode: no-cors\r\nSec-Fetch-Site: same-origin\r\nPragma: no-cache\r\nCache-Control: no-cache\r\n\r\n","headers":null,"cookies":null,"method":"GET"},"response":{"raw":"HTTP/3 404 Not Found\r\nserver: cloudflare\r\ndate: Wed, 06 May 2026 19:38:42 GMT\r\ncontent-type: text/html; charset=utf-8\r\nreport-to: {\"group\":\"cf-nel\",\"max_age\":604800,\"endpoints\":[{\"url\":\"https://a.nel.cloudflare.com/report/v4?s=NfARpIFbnNekVkdfd%2BIKg1kzJlmTLFtiGkVdHKm18M1UBS51SV9apEc327M37WcHrMGmcAZ6Y3NN3%2BU0OQKRWDTpd8SkyYGRi4oTZabJvIig2felNm4zX0%2FMeVFPGT%2BxCw%3D%3D\"}]}\r\npriority: u=6,i=?0\r\ncache-control: max-age=14400\r\ncf-cache-status: MISS\r\ncontent-encoding: br\r\nnel: {\"report_to\":\"cf-nel\",\"success_fraction\":0.0,\"max_age\":604800}\r\ncf-ray: 9f7a7260aa15568d-OSL\r\nalt-svc: h3=\":443\"; ma=86400\r\nserver-timing: cfExtPri\r\n\r\n","headers":null,"cookies":null,"status_code":"404","status_text":"Not Found","fingerprints":[{"name":"Cloudflare","description":"Cloudflare is a web-infrastructure and website-security company, providing content-delivery-network services, DDoS mitigation, Internet security, and distributed domain-name-server services.","website":"https://www.cloudflare.com","common_platform_enumeration":"","icon":"CloudFlare.svg","categories":["CDN"]}],"data":{"size":153,"size_decoded":0,"mime_type":"text/html; charset=utf-8","magic":"HTML document, ASCII text, with CRLF line terminators","md5":"eb1be3f5478c6751f0de6e9128fecbf2","sha1":"94b9d1087b2551a6ab432abc63d64cafb5c212ad","sha256":"6e95d3011ecc51a72fec8b2a8e5b06b4e134c2b2cfe513bfce42d9029c6c8dd1","sha512":"78753808ec755c160823978aa8ebcc391c7c2c71a0b27c2271f2aa0be61349fff888e3775a9fbe9bef7f22d01adb60e1480356fa4654999ee40e6439e32f28e4","ssdeep":"","tlshash":"61c02b7d3513bc4cc5a3317422c37090c0da833764ba81128440810331cf3998ac3397","first_seen":"2026-03-26T19:37:59.367855Z","last_seen":"2026-06-07T01:46:18.198229Z","times_seen":1585,"resource_available":true,"data":null}},"time_used":78,"timings":{"blocked":-1,"dns":0,"connect":0,"send":0,"wait":78,"receive":0,"ssl":0},"alerts":{"ids":null,"analyzer":null,"urlquery":null}}]}