Report - matemska.com/

Report Overview

Visited public
2023-11-04 23:30:54
Tags
URL
matemska.com/
Finishing URL
matemska.com/
IP / ASN
172.67.145.89
#13335 CLOUDFLARENET
Title
MetaMask - A crypto wallet & gateway to blockchain apps

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
metamask.io	81413	2015-07-02	2015-11-15 18:16:41	2023-11-03 10:28:12	888 B	37 kB	185.199.110.153
matemska.com	unknown	2023-07-19	2023-07-23 02:35:38	2023-10-02 00:36:35	12 kB	1.9 MB	172.67.145.89
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-11-04 20:55:03	443 B	1.4 kB	142.250.74.106
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-04 21:47:53	3.2 kB	83 kB	216.58.207.227
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-04 10:20:57	4.0 kB	153 kB	216.58.207.228
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-11-04 21:58:51	4.4 kB	801 kB	142.250.74.67
perf.hsforms.com	10768	2013-09-18	2020-07-03 15:11:28	2023-11-04 12:01:48	503 B	1.1 kB	104.18.160.125
forms.hsforms.com	5160	2013-09-18	2018-03-07 16:21:13	2023-11-04 19:46:21	479 B	6.9 kB	104.18.160.125

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet
2023-11-04	medium	matemska.com/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (20)

	URL	From	Size	First Seen	Last Seen
	matemska.com/	ScriptElement	73 B	2023-03-07	2025-05-06
Pretty URL matemska.com/ IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-06 11:44 Times Seen200 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy	ScriptElement	75 B	2023-03-07	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:15 Last Seen2025-05-09 04:35 Times Seen14226 Hash dca9d53787fff314e5bd1a123b28906a 1350c858f60bbb03d1b53b05cbad6cea82ff29d1 2475d902b4182bac667d464a44c89ee405e5cfd64156b30f811557cf2b347e2f Loading...

	matemska.com/	ScriptElement	181 B	2023-03-07	2025-05-09
Pretty URL matemska.com/ IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:17 Last Seen2025-05-09 05:05 Times Seen15838 Hash 0e9e3ad57abeefde87342864450cc232 4dc8676bf3417d597053d5f253fce034007f63da 9a37601d1f5a5f2fba3b000694d4bf5e035c606d5485dd94e2997cbe2efe5c26 Loading...

	matemska.com/forms/v2.js	ScriptElement	584 kB	2023-03-07	2024-08-21
Pretty URL matemska.com/forms/v2.js IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:59 Last Seen2024-08-21 06:51 Times Seen22 Hash ac8d91738c2c24a19b3af80a4da17919 edd091b78ad1f925d6722a20ca82d51299d7eeef 7b01eefec75fa2dedde4c39ef0d71394acf5a68474c93ffd5a0e05db0bf75503 Loading...

	www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm	ScriptElement	0 B	0001-01-01	2025-05-09
Pretty URL www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-09 05:13 Times Seen4634123 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js	ScriptElement	478 kB	2023-11-02	2023-11-10
Pretty URL www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js IP 142.250.74.67 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-02 08:53 Last Seen2023-11-10 04:27 Times Seen4605 Hash 0de5995e9ac19853eeffb8bbe74e6a7d 719e6fbcd0b38df859a6f7a8c51a820d7bf5970d c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37 Loading...

	matemska.com/	ScriptElement	116 B	2023-03-07	2025-05-06
Pretty URL matemska.com/ IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 11:44 Times Seen140 Hash 65eedcd8ea68974fc10b18a001f5ff0d d57d865c29e2ba5f817f850194c33f6d1e7ea064 681e6299492c0b7a15980513d81a420ff8d912dadc14d90148b77bd81018926e Loading...

	matemska.com/js/jquery-3.5.1.min.dc5e7f18c8.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL matemska.com/js/jquery-3.5.1.min.dc5e7f18c8.js IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-09 05:05 Times Seen108577 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=	ScriptElement	5.8 kB	2024-08-20	2024-08-20
Pretty URL forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= IP 104.18.160.125 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-08-20 20:52 Last Seen2024-08-20 20:52 Times Seen1 Hash c886934c529dcc0e3ab0660f85559012 16f63e1b957b5af4f9ec5b85df1446eabec0faaa cea25ba9295b0cdd82fac8ae6a65227b9c27175dfc10a4d0e693ed0aa245385f Loading...

	www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true	ScriptElement	1.0 kB	2023-11-03	2023-11-09
Pretty URL www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 12:38 Last Seen2023-11-09 14:37 Times Seen7 Hash ca445e0df8314d77d3379a952f63c0d2 f54afdecc94ba50b0cfbb9c4575ec38c6ea220e5 65e4a80ef2db9200ad31b69f5a00d380699f5f9bb32b624ae930954f516cdd7e Loading...

	matemska.com/ajax/libs/webfont/1.6.26/webfont.js	ScriptElement	13 kB	2023-03-07	2025-05-09
Pretty URL matemska.com/ajax/libs/webfont/1.6.26/webfont.js IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 04:35 Times Seen17502 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	matemska.com/	ScriptElement	184 B	2023-03-07	2025-05-06
Pretty URL matemska.com/ IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:02 Last Seen2025-05-06 11:44 Times Seen149 Hash 12c0659e2686c193368d09f53edc8090 e2a481f856253ec2b3dfe266ab035bc1ca650b72 7269e1e3bae2d22edc632e41922fd7e090dd785fdb749c05b577f78e9126075c Loading...

	matemska.com/js/webflow.js	ScriptElement	568 kB	2023-03-07	2025-05-04
Pretty URL matemska.com/js/webflow.js IP 172.67.145.89 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18 Last Seen2025-05-04 15:45 Times Seen94 Hash aa932307fd6818913c360441a1d21397 5d832542de495c05a829b2cdba867b8e508a69dc 8de8a14b1b42b80ff2a89d3afaccd40bad8e6f1b507cc20fe78408c8ff7aa252 Loading...

	www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy	ScriptElement	52 kB	2024-08-20	2024-08-20
Pretty URL www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy IP 216.58.207.228 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 20:52 Last Seen2024-08-20 20:52 Times Seen1 Hash 167d0da0591d30edb4c98470442b5f40 da96adaccbe27e8890f3cc2d05cb7d65545464c8 5e1367d768613ae95fe76550342a315dbaee64af2d62d85ac6b5c2b569a3000e Loading...

		Size	First Seen	Last Seen
	#1 Eval - d6f082f187bd5c59d8f039d6db12f77a	16 kB	2023-10-16 13:22	2024-08-21 04:33
Pretty Observations First Seen2023-10-16 13:22 Last Seen2024-08-21 04:33 Times Seen1905 Hash d6f082f187bd5c59d8f039d6db12f77a e09349d9ead83df26a9afc91906b95eb8fe16ed9 02b2e3d7f64e119afe950d3826c86d01bfe28f6bc3e61159e065eaaae5462bd3 Loading...

	#2 Eval - 18585099249f0557a231b7398800c8ba	17 kB	2024-08-20 20:52	2024-08-20 20:52
Pretty Observations First Seen2024-08-20 20:52 Last Seen2024-08-20 20:52 Times Seen1 Hash 18585099249f0557a231b7398800c8ba 2724f62551b285c3e9ad09ff12de1c942da071b9 8260e73dda94e85a036697a78dfa95ddbf190a0f6c293f3217fef1adca46845a Loading...

	#3 Eval - e99c7854a9c79ac99b0bff1cfe590a60	22 kB	2024-08-20 20:52	2024-08-20 20:52
Pretty Observations First Seen2024-08-20 20:52 Last Seen2024-08-20 20:52 Times Seen1 Hash e99c7854a9c79ac99b0bff1cfe590a60 3fbe582d2dd06dde6a657334e695392b25846769 7320e65b29a7db1b1136cb2468ce20bce42fa8e2a31e4d703a0c0074b41e8e3e Loading...

	#4 Eval - b17f7110857e02eac676414e484273e9	22 B	2023-10-16 09:31	2024-08-21 04:34
Pretty Observations First Seen2023-10-16 09:31 Last Seen2024-08-21 04:34 Times Seen1907 Hash b17f7110857e02eac676414e484273e9 b6904638d155f26304801dd8a8f67b1822560f2b 76698e9fabb0bc8a2cfe6685276abc44d9dcb66295c013caa7360ce1f95b6004 Loading...

	#5 Eval - 6d3217f8c14fdc2a87fc5ac2efb57748	64 B	2023-10-16 09:31	2024-08-21 04:34
Pretty Observations First Seen2023-10-16 09:31 Last Seen2024-08-21 04:34 Times Seen1909 Hash 6d3217f8c14fdc2a87fc5ac2efb57748 7b08ad6c6bb6a34fdc1a1ecca2659c4793263c5c 961d3533203f66b9d4592bd6a9bed92fffb3d87eef3aef1972aaf2ec571138c5 Loading...

	#6 Eval - 57824cab34a4a7305aaf00dce51fd41e	22 B	2023-10-16 09:31	2024-08-21 04:34
Pretty Observations First Seen2023-10-16 09:31 Last Seen2024-08-21 04:34 Times Seen1907 Hash 57824cab34a4a7305aaf00dce51fd41e 9a3abe5be836c305a41da6a63f5e56685059e975 2fea753e0757ef8f3649bab42f3909db13f650aca519e4871e52781939e19af9 Loading...

HTTP Transactions (53)

URL IP Response Size

metamask.io/images/mm-shop-hoodie-p-500.png

185.199.110.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/images/mm-shop-hoodie-p-500.png
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://matemska.com/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint83:6F:D9:3B:D8:B7:26:F8:C6:33:19:B3:21:34:ED:C3:6B:2B:31:DA
ValidityFri, 22 Sep 2023 09:30:46 GMT - Thu, 21 Dec 2023 09:30:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36827)
Size
18 kB (17844 bytes)
Hash
8fa9ea5e3abe0237984b8690e3ab93ec
db30898d815c96cd0a6ae7c09bb78ec7ca222bc9
c60a0d0f18a4d5fd55e3b0c5eef7e976d3a48153875824eda2200bf8270d705c

HTTP Headers

GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"65455235-12e72"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9AFC:F7B5:1AB02B4:1B2E446:6546D419
accept-ranges: bytes
date: Sat, 04 Nov 2023 23:30:34 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1625-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1699140634.374609,VS0,VE127
vary: Accept-Encoding
x-fastly-request-id: 53351931fd09c246cf72c3163d7f8bc24ff5d47e
content-length: 17844
X-Firefox-Spdy: h2

matemska.com/images/dapp-opensea.png

172.67.145.89

200 OK

6.5 kB

URL GET HTTP/3
matemska.com/images/dapp-opensea.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6533 bytes)
Hash
f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-opensea.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:34 GMT
content-type: image/png
content-length: 6533
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-1985"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FRJBxNiEDMjXBjgJl%2FjVZ1hMwaN%2BFN%2FPQe%2FQkzg0f2bYdKo6ird%2F9XmTEWQk70HOmdN9n0MxLIMpNVunXsi%2BO7zveAZWxJLe3e7NfyS55MkCsqrBpMMITZ6I21lcjJU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f935689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/images/dapp-maker.png

172.67.145.89

200 OK

6.9 kB

URL GET HTTP/3
matemska.com/images/dapp-maker.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6852 bytes)
Hash
720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-maker.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 6852
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-1ac4"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p%2Bzu%2FaNvvOa0b9slATF09OfMm9DKPXI9zWoFWwTNSP8SBfyAFTitEV19Zxlov0Ddh82lxJdC6dxCP3hagJaUuoNailtHvdy1acOk0xBu023uJYMQHP1OaqDaVztB7MI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f915689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/images/dapp-rarible.png

172.67.145.89

200 OK

6.8 kB

URL GET HTTP/3
matemska.com/images/dapp-rarible.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6840 bytes)
Hash
b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-rarible.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 6840
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-1ab8"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rb9kgFd6BGAK30oHmCZsTyxf8s0PMfoBkVj0JE9HehWgtH61fWDCbVs60hlbxEfTHy5mrOKHjwhbPGg%2BJy1oKgJZhLrfvO9HHsC4AaiE3ZVQyaazGljngd%2FNOMRzW%2Bo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5448f9a5689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/images/dapp-gitcoin.png

172.67.145.89

200 OK

8.0 kB

URL GET HTTP/3
matemska.com/images/dapp-gitcoin.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7998 bytes)
Hash
c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-gitcoin.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 7998
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-1f3e"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YlLV%2F5RoGoANzGGOVQXEhhiBuxUgojbusj2Hv11asrEDWpR7ggMbrhsE3vDwaxQAuO86w3xfuJck79RqwbilpjlcI%2BfutBVYYSvmR7ZIhuUdlO7hcpnqoqJnl0F%2F0Sc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f905689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/images/dapp-uniswap.png

172.67.145.89

200 OK

10 kB

URL GET HTTP/3
matemska.com/images/dapp-uniswap.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10268 bytes)
Hash
1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-uniswap.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 10268
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-281c"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PIobpCESO%2FEc80NjafHRjUH0iqxiQJudd4T7KvW%2BEaP6BQcmBNbty3E7SJthccL1PIMhTXFi5qoImuBWWX%2BqGIa8mCahvnY1o3AMcgeSJafIP5PjDMXfQoiNtI25xKM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5449fa95689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/images/dapp-compound.png

172.67.145.89

200 OK

11 kB

URL GET HTTP/3
matemska.com/images/dapp-compound.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11355 bytes)
Hash
3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-compound.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 11355
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-2c5b"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hG6wcz6%2BhQmvSlpDR7tqeYP1bwBrbM2s9WAVffwgvR5kIqu5LvvUPEtJCsb1Ti41M%2FFPx3hnjlTwy%2Bq96RF3TGo5VI33icLVOECx5nPfD5os7hjgg3Cgj9u%2B7xv1Ljg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f8d5689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/images/dapp-aave.png

172.67.145.89

200 OK

14 kB

URL GET HTTP/3
matemska.com/images/dapp-aave.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14347 bytes)
Hash
521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-aave.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 14347
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-380b"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mTuEqvSUrM3slqXX1CLC2pskTMC8b%2FL9yrhSQdLduo3%2F9CBmNI%2FTiPHxd3PaJcOLKdyNymmK8lChnAmu29QYDHPJcBbJCqxF4tky0SD8IEr5rghBqt3Nt5LC00WFyOQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f875689-OSL
alt-svc: h3=":443"; ma=86400

metamask.io/images/mm-shop-hoodie-p-500.png

185.199.110.153

404 Not Found

18 kB

URL GET HTTP/2
metamask.io/images/mm-shop-hoodie-p-500.png
IP
185.199.110.153:443
ASN
#54113 FASTLY

Requested by
https://matemska.com/
Certificate
IssuerLet's Encrypt
Subjectmetamask.io
Fingerprint83:6F:D9:3B:D8:B7:26:F8:C6:33:19:B3:21:34:ED:C3:6B:2B:31:DA
ValidityFri, 22 Sep 2023 09:30:46 GMT - Thu, 21 Dec 2023 09:30:45 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (36827)
Size
18 kB (17844 bytes)
Hash
8fa9ea5e3abe0237984b8690e3ab93ec
db30898d815c96cd0a6ae7c09bb78ec7ca222bc9
c60a0d0f18a4d5fd55e3b0c5eef7e976d3a48153875824eda2200bf8270d705c

HTTP Headers

GET /images/mm-shop-hoodie-p-500.png HTTP/1.1
Host: metamask.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
server: GitHub.com
content-type: text/html; charset=utf-8
x-origin-cache: HIT
access-control-allow-origin: *
etag: W/"65455235-12e72"
content-encoding: gzip
x-proxy-cache: MISS
x-github-request-id: 9AFC:F7B5:1AB02B4:1B2E446:6546D419
accept-ranges: bytes
date: Sat, 04 Nov 2023 23:30:35 GMT
via: 1.1 varnish
age: 1
x-served-by: cache-bma1625-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1699140635.301149,VS0,VE1
vary: Accept-Encoding
x-fastly-request-id: 0ca27fc32c0429e93392faf5167ab63ddfbd6c91
content-length: 17844
X-Firefox-Spdy: h2

matemska.com/images/dapp-axieinfinity.png

172.67.145.89

200 OK

43 kB

URL GET HTTP/3
matemska.com/images/dapp-axieinfinity.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42713 bytes)
Hash
5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/dapp-axieinfinity.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/png
content-length: 42713
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-a6d9"
expires: Mon, 04 Dec 2023 23:30:34 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AssTOU9Nza65x%2B2AP1zLFUxgLStzIC%2FLkJvGalpWwHSTutKh8d%2Btcsuu9rmF2ctf5K1phi4ka13Q6yJZatlK%2FoNn4u86BgVYyO7yWXDwN5f%2BZzfNccs7ucscq5VB%2Flw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f8c5689-OSL
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

784 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintFA:D7:68:E4:12:7D:FE:22:87:DE:95:F1:1E:49:5A:49:FA:12:1E:B9
ValidityMon, 16 Oct 2023 08:10:01 GMT - Mon, 08 Jan 2024 08:10:00 GMT

File type
gzip compressed data, max compression\012- data
Size
784 B (784 bytes)
Hash
32c34d479a8b0762c1efa67f1d868544
714014d66f2cc7d25a372be1a98b44a46cece676
681c0f57822c91b4707b7724cc76402b6ee403caf2583a74346398baa43900bf

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 04 Nov 2023 23:30:35 GMT
date: Sat, 04 Nov 2023 23:30:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://matemska.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 18:16:18 GMT
expires: Sat, 02 Nov 2024 18:16:18 GMT
cache-control: public, max-age=31536000
age: 105257
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

matemska.com/css/metamask-staging-2.webflow.css

172.67.145.89

200 OK

27 kB

URL GET HTTP/3
matemska.com/css/metamask-staging-2.webflow.css
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
ASCII text
Size
27 kB (27100 bytes)
Hash
dadc10770c97fe8d4774255bf653d705
fa9d847244c99978cd9a0c793a2202c8892dce74
11139400a1789a74b931014f8543c82c0fd793d9de7473f420c82dc8eb9d703d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /css/metamask-staging-2.webflow.css HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: text/css
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-21433"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BubW14rIBUBdfOnGKUYyGBlIQ6yIxLyb3R8KWCGue%2BbIFC2C8NuKFFM5o%2FwrXPsgBPDIsAYWUWFDg37yWyKcvoj6hWXdjxHqXgOEMFLq1w2tbLAsVofGVfJqj9eo%2BFw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5446f6d5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/images/mm-logo.svg

172.67.145.89

200 OK

3.8 kB

URL GET HTTP/3
matemska.com/images/mm-logo.svg
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
3.8 kB (3763 bytes)
Hash
51bcea2625eb2c6e9268a7377a792c86
5eeb306e6584eed1747c36c11724f193711d430e
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/mm-logo.svg HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: W/"62bd4c6e-2ef3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jpKpRFpI2LFflSNu7DB8QamJMGQ3os%2FDT9lcjJ30Za%2BjxVKvZ4vEQ4jl2uwui%2F17BQ9OVD1hZHNd8mxxHcn1xqoeTPxUIDP%2BpdGlAsCGPZRbNwADgVGZeTs4cUT1sR0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5446f715689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/fonts/EuclidCircularB-Bold-WebXL.woff2

172.67.145.89

200 OK

44 kB

URL GET HTTP/3
matemska.com/fonts/EuclidCircularB-Bold-WebXL.woff2
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: font/woff2
content-length: 44544
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-ae00"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucxccKdmjh%2F4K1jG9ywaa2Hvwe5qSPp3ZG3UQUsTsqFQjON8twpbTZ8E4pFmCA5XFr2RYvEUjNCaq1Eyop6uG8Oz1lgu9PNJpRcbpHpj4fSBgW8XxwNwtE1QCHjsfnw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a54aec3b5689-OSL
alt-svc: h3=":443"; ma=86400

matemska.com/css/normalize.css

172.67.145.89

200 OK

4.7 kB

URL GET HTTP/3
matemska.com/css/normalize.css
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
ASCII text
Size
4.7 kB (4726 bytes)
Hash
4951cc88307c632cf285d3ba988ab283
031d58bc40b4242b27d8171a01bb0ecb5f9d22d7
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:34 GMT
content-type: text/css
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-1e5c"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xQYaI%2BXKBdqMpaIkSWT2Zxd2ym92MPYLCSt%2FKGGGVpbOpVroYVw2XpoKo3Wmtnt9pzKWN0wo13VhwxEG8WwH4n%2F0%2BlKxOyE3gsBABgaJqrKq0ub7vv6apFF5alubzdI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5445f675689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/js/webflow.js

172.67.145.89

200 OK

138 kB

URL GET HTTP/3
matemska.com/js/webflow.js
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
Unicode text, UTF-8 text, with very long lines (54239)
Size
138 kB (138454 bytes)
Hash
aa932307fd6818913c360441a1d21397
5d832542de495c05a829b2cdba867b8e508a69dc
8de8a14b1b42b80ff2a89d3afaccd40bad8e6f1b507cc20fe78408c8ff7aa252

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /js/webflow.js HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-8ac72"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aqoMM0hAxNHu8XG06RO52dPv50Uh5vik6EqwpT%2FS2%2BxjHN7R%2BCcg7iIC1z6seEJaipOuom7TViGlSCdHDI82ZxyTFUr5lMCjhpgtnaBA03vnWXZPIhxgnloUDF7X5sE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a544afb85689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true

216.58.207.228

200 OK

1.1 kB

URL GET HTTP/2
www.google.com/recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintF5:CC:DA:B5:BA:1E:14:14:44:CC:27:90:92:CC:60:1F:5F:08:AF:77
ValidityMon, 16 Oct 2023 08:10:46 GMT - Mon, 08 Jan 2024 08:10:45 GMT

File type
gzip compressed data\012- data
Size
1.1 kB (1086 bytes)
Hash
fa0cc66013b96a7523bceab055dac757
ad2b13d35120503420e1f2278f05c15549bd8b6d
2d918da112e663c32b48a7e9f74b6b050a1e91d1e18451ef8e3af854d5a8a88e

HTTP Headers

GET /recaptcha/enterprise.js?onload=hsRecaptchaLoadCallback&render=explicit&isolated=true HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sat, 04 Nov 2023 23:30:36 GMT
date: Sat, 04 Nov 2023 23:30:36 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

matemska.com/fonts/EuclidCircularB-Regular-WebXL.woff2

172.67.145.89

200 OK

45 kB

URL GET HTTP/3
matemska.com/fonts/EuclidCircularB-Regular-WebXL.woff2
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:36 GMT
content-type: font/woff2
content-length: 45196
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-b08c"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S6jhTR7DbVPTB3YdDoM2tWiIfcWCxNII2%2FBCdMqQVfvtY7CEy2xme4c%2FJjpVoGDqSXj6ttjveZm6m4DS8%2B6LS3CxnoXt2JEIewVzsM84EZ7oeGUj7TV7VVZtsCvnCH8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a54adc325689-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

142.250.74.67

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (537)
Size
191 kB (191376 bytes)
Hash
0de5995e9ac19853eeffb8bbe74e6a7d
719e6fbcd0b38df859a6f7a8c51a820d7bf5970d
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

HTTP Headers

GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://matemska.com
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 19:31:24 GMT
expires: Sat, 02 Nov 2024 19:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 100752
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067

104.18.160.125

200 OK

35 B

URL GET HTTP/3
perf.hsforms.com/embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067
IP
104.18.160.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
GIF image data, version 89a, 1 x 1\012- data
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /embed/v3/counters.gif?key=forms-next-recaptcha-viewed&count=1&portalId=4795067 HTTP/1.1
Host: perf.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:37 GMT
content-type: image/gif
content-length: 35
x-trace: 2B17F893FAC48D8938034D5200B0B635432AE0ED89000000000000000000
cache-control: max-age=0, no-cache, no-store
vary: origin, Accept-Encoding
access-control-allow-credentials: false
x-content-type-options: nosniff
access-control-expose-headers: X-Origin-Hublet
x-robots-tag: none
x-envoy-upstream-service-time: 2
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-4qqf5
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
x-hubspot-correlation-id: 950614b0-b9ec-4c14-8fef-5cae2bd7646c
x-request-id: 950614b0-b9ec-4c14-8fef-5cae2bd7646c
last-modified: Sat, 04 Nov 2023 23:30:36 GMT
cf-cache-status: MISS
accept-ranges: bytes
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 8210a5547af65689-OSL
alt-svc: h3=":443"; ma=86400

www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css

142.250.74.67

200 OK

25 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (56398), with no line terminators
Size
25 kB (24606 bytes)
Hash
eb4bc511f79f7a1573b45f5775b3a99b
d910fb51ad7316aa54f055079374574698e74b35
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050

HTTP Headers

GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 24606
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 13:37:59 GMT
expires: Sun, 03 Nov 2024 13:37:59 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/css
vary: Accept-Encoding
age: 35558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

142.250.74.67

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (537)
Size
191 kB (191376 bytes)
Hash
0de5995e9ac19853eeffb8bbe74e6a7d
719e6fbcd0b38df859a6f7a8c51a820d7bf5970d
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

HTTP Headers

GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 19:31:24 GMT
expires: Sat, 02 Nov 2024 19:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 100753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Size
15 kB (15344 bytes)
Hash
5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

HTTP Headers

GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 23:51:35 GMT
expires: Fri, 01 Nov 2024 23:51:35 GMT
cache-control: public, max-age=31536000
age: 171542
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 22:20:01 GMT
expires: Sat, 02 Nov 2024 22:20:01 GMT
cache-control: public, max-age=31536000
age: 90636
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/api2/logo_48.png

142.250.74.67

200 OK

2.2 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/logo_48.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
2.2 kB (2228 bytes)
Hash
ef9941290c50cd3866e2ba6b793f010d
4736508c795667dcea21f8d864233031223b7832
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

HTTP Headers

GET /recaptcha/api2/logo_48.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 2228
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:14:09 GMT
expires: Tue, 07 Nov 2023 05:14:09 GMT
cache-control: public, max-age=604800
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
age: 411388
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

142.250.74.67

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (537)
Size
191 kB (191376 bytes)
Hash
0de5995e9ac19853eeffb8bbe74e6a7d
719e6fbcd0b38df859a6f7a8c51a820d7bf5970d
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

HTTP Headers

GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 19:31:24 GMT
expires: Sat, 02 Nov 2024 19:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 100753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

matemska.com/images/hero2.2.png

172.67.145.89

200 OK

590 kB

URL GET HTTP/3
matemska.com/images/hero2.2.png
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/hero2.2.png HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/css/metamask-staging-2.webflow.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:36 GMT
content-type: image/png
content-length: 589568
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: "62bd4c6e-8ff00"
expires: Mon, 04 Dec 2023 23:30:35 GMT
cache-control: max-age=2592000
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JiiBoVfOIa1ipMWV9Y05e8aF8R7Yhe8%2BEXYkqvaGhG4zxKcGXSm1yr2BF6vJebyfzqJyCbx4WIYXFCH4g%2BqQSMVfPBAYK9ROymdEhK5zVyMJ0aCQ4LSAVP%2BbG1nT7JU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a54abbfd5689-OSL
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.207.228

200 OK

26 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (56425)
Size
26 kB (25772 bytes)
Hash
8b0f3870cd31b3825b9c5fba51bd538f
881f1fc5e42bbc8cb4d7c14cd816ea5dffb88cb8
63ec75bc7d7e707a0c123b0ef333beac862ffdbcbe4089f9f04846977061214f

HTTP Headers

GET /recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Nov 2023 23:30:37 GMT
content-security-policy: script-src 'nonce-f4DC42whJ_sqw0R5c2O9NA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js

142.250.74.67

200 OK

191 kB

URL GET HTTP/3
www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
ASCII text, with very long lines (537)
Size
191 kB (191376 bytes)
Hash
0de5995e9ac19853eeffb8bbe74e6a7d
719e6fbcd0b38df859a6f7a8c51a820d7bf5970d
c7f150e7d0ed3cf657e531221f2640209e6daebed0fbaa6ab7e430ce8eb56a37

HTTP Headers

GET /recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 191376
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 19:31:24 GMT
expires: Sat, 02 Nov 2024 19:31:24 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 30 Oct 2023 02:02:02 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 100753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

matemska.com/metamask.io/images/webclip.html

172.67.145.89

404 Not Found

40 kB

URL GET HTTP/3
matemska.com/metamask.io/images/webclip.html
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
40 kB (40216 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /metamask.io/images/webclip.html HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 Nov 2023 23:30:37 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BPPdH%2FxNncdHd%2BymmhRrcP6s8hhHCA7fq%2Fbl0ploEyhdroAtGW7PeS9P1Xh3q1ezpCkERRDyoF1%2BHZeewHIPyhh3OFJiqKTS5icft%2F8sQ7KRa7iLZb9Q2uwAxdw5viw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5531a1f5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

216.58.207.227

200 OK

15 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15340, version 1.0\012- data
Size
15 kB (15340 bytes)
Hash
19b7a0adfdd4f808b53af7e2ce2ad4e5
81d5d4c7b5035ad10cce63cf7100295e0c51fdda
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15340
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 15:15:32 GMT
expires: Fri, 01 Nov 2024 15:15:32 GMT
cache-control: public, max-age=31536000
age: 202505
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/3
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Size
16 kB (15552 bytes)
Hash
285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

HTTP Headers

GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 22:20:01 GMT
expires: Sat, 02 Nov 2024 22:20:01 GMT
cache-control: public, max-age=31536000
age: 90637
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/refresh_2x.png

142.250.74.67

200 OK

600 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/refresh_2x.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
600 B (600 bytes)
Hash
0f2a4639b8a4cb30c76e8333c00d30a6
57e273a270bb864970d747c74b3f0a7c8e515b13
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

HTTP Headers

GET /recaptcha/api2/refresh_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 600
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Nov 2023 15:12:23 GMT
expires: Thu, 09 Nov 2023 15:12:23 GMT
cache-control: public, max-age=604800
age: 202695
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/audio_2x.png

142.250.74.67

200 OK

530 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/audio_2x.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
530 B (530 bytes)
Hash
88e0f42c9fa4f94aa8bcd54d1685c180
5ad9d47a49b82718baa3be88550a0b3350270c42
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

HTTP Headers

GET /recaptcha/api2/audio_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 530
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Oct 2023 05:32:22 GMT
expires: Tue, 07 Nov 2023 05:32:22 GMT
cache-control: public, max-age=604800
age: 410296
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

matemska.com/metamask.io/images/favicon.html

172.67.145.89

404 Not Found

760 B

URL GET HTTP/3
matemska.com/metamask.io/images/favicon.html
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
760 B (760 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /metamask.io/images/favicon.html HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
date: Sat, 04 Nov 2023 23:30:37 GMT
content-type: text/html
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=weMv90vd5t1%2BMUSmnNhoYhG4g3A2TY%2BR1Frsk6JUJIbMT%2BK%2B0H4TFNNYlGn0NhB201EVWkJ7vjyzNCjbDOLaPBTE3sZLeg%2FQbRWwZz340qEHR2GNombHbEOFnzhRqkg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5531a205689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/

172.67.145.89

200 OK

17 kB

URL User Request GET HTTP/2
matemska.com/
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type

Size
17 kB (17368 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET / HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 04 Nov 2023 23:30:34 GMT
content-type: text/html
last-modified: Mon, 22 May 2023 08:47:49 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GIj%2B2TgqkMe4HS3XW0HJVjmz%2Fkl52GuqnznZTrCRBy5LLDciBWfj5GTPA15NxK8VEl4rX4Z7X5MSx3i%2BQpDBPoWwnQAQ%2FXy4r6h%2FxhUVPvH40lag6poLkzEbHevcSCw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a53f8cb3b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

matemska.com/js/jquery-3.5.1.min.dc5e7f18c8.js

172.67.145.89

200 OK

90 kB

URL GET HTTP/3
matemska.com/js/jquery-3.5.1.min.dc5e7f18c8.js
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-15d84"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3c32hkG5LivSD7CEB2p9yC8p7%2F8rYnqJnyF7GIUozWyR91xnbB8Eqh8njBi%2F%2FEe3JU14oP6%2BUQTiflntl3QBsaH%2FFwFeWbXC2XTvpE3akRXVMjaHVPTZ8WxBqmJgWJk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a544afb75689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/forms/v2.js

172.67.145.89

200 OK

584 kB

URL GET HTTP/3
matemska.com/forms/v2.js
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type

Size
584 kB (583650 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /forms/v2.js HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-8e7e2"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qV%2FUOBvEO7siPaFHfA19jw7TAn17HdUPEaty%2FItRmbv8355nJ2O6b7RysSlvrtD3yi1cfbcPHo4Xo9d0DM2yjJd1CLhrJyosEX6z8FUlq40CjSJqeNbu427Lo0DwlIs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a544afaf5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.207.228

200 OK

41 kB

URL POST HTTP/3
www.google.com/recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
ASCII text, with very long lines (41002)
Size
41 kB (41007 bytes)
Hash
53e1b00ee412d10fa03ea679bdd1e8a4
306c65d3fadaea8fb265dce425bdae91b44c5b54
a88f9f4ccd932944d166e7f07eaa44df743484106982d11c14e9c25859face85

HTTP Headers

POST /recaptcha/enterprise/reload?k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-protobuffer
Content-Length: 6797
Origin: https://www.google.com
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: application/json; charset=utf-8
content-encoding: gzip
date: Sat, 04 Nov 2023 23:30:37 GMT
expires: Sat, 04 Nov 2023 23:30:37 GMT
cache-control: private, max-age=0
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
set-cookie: _GRECAPTCHA=09ABQWEJpETcIFng_Y0-cxX-peP1tig1HlXBxDZ9pvtoTGvErb3q-8oPHjeqWEVG1cXoYJPX0eH_ItQcXmG5OfBcE;Path=/recaptcha;Expires=Thu, 02-May-2024 23:30:37 GMT;Secure;HttpOnly;Priority=HIGH;SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.gstatic.com/recaptcha/api2/info_2x.png

142.250.74.67

200 OK

665 B

URL GET HTTP/3
www.gstatic.com/recaptcha/api2/info_2x.png
IP
142.250.74.67:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
665 B (665 bytes)
Hash
07bf314aab04047b9e9a959ee6f63da3
17bef6602672e2fd9956381e01356245144003e5
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

HTTP Headers

GET /recaptcha/api2/info_2x.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.gstatic.com/recaptcha/releases/3sU2vDRVDmUU2E0Ro4VadvPr/styles__ltr.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
accept-ranges: bytes
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 665
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 Nov 2023 11:00:47 GMT
expires: Sat, 11 Nov 2023 11:00:47 GMT
cache-control: public, max-age=604800
age: 44991
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

matemska.com/images/social-35.svg

172.67.145.89

200 OK

602 B

URL GET HTTP/3
matemska.com/images/social-35.svg
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (665), with no line terminators
Size
602 B (602 bytes)
Hash
885efa5a5f2076d86def5755fb4012c9
7e912d4bb0476fed824eb9308d01d974b55b52c1
82ab5f4aece8bba358567f6cbafc0da0640a634140124a1330453996bd47dc71

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/social-35.svg HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:34 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: W/"62bd4c6e-25a"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ocy1WlcfhNROGMb59Ycry0%2FVpyh0ll9L%2FgMMdi0FlvPCX10X99jvnEdcdVJaw1Pk0jMPCHmmHI3Ou8YhF8VlldZ%2BaMz6yInkI72DOyvZrdwZzOJhXnnc5iqp%2Bxxe4og%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5446f765689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/css/webflow.css

172.67.145.89

200 OK

39 kB

URL GET HTTP/3
matemska.com/css/webflow.css
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type

Size
39 kB (39109 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /css/webflow.css HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:34 GMT
content-type: text/css
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-98c5"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iLFwKdtTCGuwovrcw08tyw0HD8GjKwmmk9nrWsumpVnbfILi8OZoJQLpTysWcyLbVKfkwFcMcYPlhFxUzstb0a8x5vRCyoyG4ACB2N%2F9BFYy0N0YOG74UuSrHU3XYX8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5445f695689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/images/Browse-illo.svg

172.67.145.89

200 OK

28 kB

URL GET HTTP/3
matemska.com/images/Browse-illo.svg
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2226)
Size
28 kB (28164 bytes)
Hash
afeafb6a9f14bd7771c63015be5a05c9
78683c75d81cf80440f083e9fb4bb2987748e290
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/Browse-illo.svg HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: W/"62bd4c6e-6e04"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JCd9W4Zsf8dkaUDQx9ZtZAkVk%2B8oS%2BZgJvAU9r0Zx9%2F3DQbzmXimaIu32iLjHkRqmAB5n5mdV0lAF9l7lUJYXJUDwtwjTk9dmuI%2FQfY4enJcNTl6x9njP%2B8rh%2FhOnRA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f825689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=

104.18.160.125

200 OK

5.8 kB

URL GET HTTP/1.1
forms.hsforms.com/embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk=
IP
104.18.160.125:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1E:9D:91:27:86:63:DC:7B:9D:15:4E:99:31:FC:AA:1D:DC:9E:06:3B
ValidityThu, 18 May 2023 00:00:00 GMT - Fri, 17 May 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (6544), with no line terminators
Size
5.8 kB (5794 bytes)
Hash
7a00b8da273426d38b31dafaeb8efcf7
f2c356a008480238b0ed853df3ac20ecfca6f0b1
b3c6fee1bb7f5c3f152b912cfa6e6993ee8f1890b44bec9a9ecba3b9ae9eea67

HTTP Headers

GET /embed/v3/form/4795067/2b64112b-f442-4840-9ace-b11dccd5f744?callback=hs_reqwest_0&hutk= HTTP/1.1
Host: forms.hsforms.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 04 Nov 2023 23:30:36 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Trace: 2B07ECD8CDE4499DFA3E0E87EA0F236FC6B56E6E92000000000000000000
X-Origin-Hublet: na1
Vary: origin
Content-Disposition: attachment; filename=no-rfd.txt
X-Content-Type-Options: nosniff
Access-Control-Allow-Credentials: false
Access-Control-Expose-Headers: X-Origin-Hublet
Cache-Control: max-age=0, no-cache, no-store
X-Robots-Tag: none
x-envoy-upstream-service-time: 8
x-evy-trace-route-service-name: envoyset-translator
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/star-hubspot-td/envoy-proxy-79986f96f-rwf2n
x-evy-trace-listener: listener_https
x-evy-trace-route-configuration: listener_https/all
X-HubSpot-Correlation-Id: 7ccd3a15-f49e-408b-b90e-7f97b7755243
x-request-id: 7ccd3a15-f49e-408b-b90e-7f97b7755243
CF-Cache-Status: DYNAMIC
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Server: cloudflare
CF-RAY: 8210a54fcc1d568b-OSL
Content-Encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/images/Explore-illo.svg

172.67.145.89

200 OK

37 kB

URL GET HTTP/3
matemska.com/images/Explore-illo.svg
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1527)
Size
37 kB (36835 bytes)
Hash
46fb450c5ecf6da758bca0975551f056
629157e884b450ecf5a94d38d736db3c7428245f
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/Explore-illo.svg HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: W/"62bd4c6e-8fe3"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EkYRQzlpuqsp8ySQAn1VwUfDXYgc%2F3mHwVKI%2FpbkgFJFUxKqCo37hDzzLNBxXzc%2FkzPZcHi%2FOLM35Veazb2T0gEUtYH9kvS3wkRHmKqlXR%2F43KSvNJkm4KLYAyb9eoc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5447f805689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintEB:59:E9:F3:0F:CE:D8:1A:8C:BB:EE:7D:2E:B7:B8:39:73:7A:CE:28
ValidityMon, 16 Oct 2023 08:10:00 GMT - Mon, 08 Jan 2024 08:09:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://matemska.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Nov 2023 18:31:29 GMT
expires: Sat, 02 Nov 2024 18:31:29 GMT
cache-control: public, max-age=31536000
age: 104346
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr

216.58.207.228

200 OK

102 B

URL GET HTTP/3
www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
ASCII text, with no line terminators
Size
102 B (102 bytes)
Hash
9ca02fb52a248419ad2f1e6b56b7b1fc
5ab7a89906a3766c039843a173690f7e6bc05211
1c8bb9d1a8eec9d58deb70c22a52e8bc5bcfd0f57eb7ba9a3a3f3312c184da91

HTTP Headers

GET /recaptcha/enterprise/webworker.js?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/javascript; charset=UTF-8
expires: Sat, 04 Nov 2023 23:30:37 GMT
date: Sat, 04 Nov 2023 23:30:37 GMT
cache-control: private, max-age=300
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/payload?p=06AFcWeA4cgwktZP93peDVawh95LjcKM_Ijhy0r6-RoVhjbkMdt-9JlVdEeBXMlDV_144AzTy57o0Y07J6mvIHMs-Y84RKA-ZDlcrIl8la9BaRMO23HgqiaUARu6T8Vk_0Oo4n1WKDZiKTnP_gcLaUvtcUZ3x5NdrnSK3ro0n-Qfy95NiBA3Z9mVYSQ325XC_ECQvvbPjxPYGM&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm

216.58.207.228

200 OK

21 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/payload?p=06AFcWeA4cgwktZP93peDVawh95LjcKM_Ijhy0r6-RoVhjbkMdt-9JlVdEeBXMlDV_144AzTy57o0Y07J6mvIHMs-Y84RKA-ZDlcrIl8la9BaRMO23HgqiaUARu6T8Vk_0Oo4n1WKDZiKTnP_gcLaUvtcUZ3x5NdrnSK3ro0n-Qfy95NiBA3Z9mVYSQ325XC_ECQvvbPjxPYGM&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x450, components 3\012- data
Size
21 kB (21091 bytes)
Hash
39696c798e7903cfb3e251106d257950
6714ea49d60b4c091f6181d3dbd9335a723f0a83
4ee7e55c2254a8baf366cab1bb2f8ded699158d065647de2d8a78d7af8264dad

HTTP Headers

GET /recaptcha/enterprise/payload?p=06AFcWeA4cgwktZP93peDVawh95LjcKM_Ijhy0r6-RoVhjbkMdt-9JlVdEeBXMlDV_144AzTy57o0Y07J6mvIHMs-Y84RKA-ZDlcrIl8la9BaRMO23HgqiaUARu6T8Vk_0Oo4n1WKDZiKTnP_gcLaUvtcUZ3x5NdrnSK3ro0n-Qfy95NiBA3Z9mVYSQ325XC_ECQvvbPjxPYGM&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.google.com/recaptcha/enterprise/bframe?hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm
Cookie: _GRECAPTCHA=09ABQWEJpETcIFng_Y0-cxX-peP1tig1HlXBxDZ9pvtoTGvErb3q-8oPHjeqWEVG1cXoYJPX0eH_ItQcXmG5OfBcE
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: image/jpeg
expires: Sat, 04 Nov 2023 23:30:38 GMT
date: Sat, 04 Nov 2023 23:30:38 GMT
cache-control: private, max-age=30
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy

216.58.207.228

200 OK

60 kB

URL GET HTTP/3
www.google.com/recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy
IP
216.58.207.228:443
ASN
#15169 GOOGLE

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
FingerprintFD:EE:45:21:A2:3C:95:82:9B:BA:3F:7A:59:3C:F6:C2:7B:C7:84:8F
ValidityMon, 16 Oct 2023 08:02:35 GMT - Mon, 08 Jan 2024 08:02:34 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (52047)
Size
60 kB (60535 bytes)
Hash
9835035b522cc679d71a36dbd023dea1
fdb8f280176a6e4f8ff5112e0b85ae504321379d
d0a28cd3826da9f5d0817cedbe062c5bd92d41cea3ae8d7231ea7ae72b300bc9

HTTP Headers

GET /recaptcha/enterprise/anchor?ar=1&k=6Ld_ad8ZAAAAAAqr0ePo1dUfAi0m4KPkCMQYwPPm&co=aHR0cHM6Ly9tYXRlbXNrYS5jb206NDQz&hl=en&v=3sU2vDRVDmUU2E0Ro4VadvPr&size=invisible&badge=inline&cb=5eopy49p97fy HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/html; charset=utf-8
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 04 Nov 2023 23:30:36 GMT
content-security-policy: script-src 'nonce-L6Umg9OH7646bYME4_qJoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

matemska.com/logo.js

172.67.145.89

200 OK

46 kB

URL GET HTTP/3
matemska.com/logo.js
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
ASCII text, with very long lines (497)
Size
46 kB (46128 bytes)
Hash
62e0e533c3ce4dc08ebf2a640f22164c
9a930c6f184104a9f7403244a841d0fe208b27d9
6137618d3823a779dd702a546f64a767860341256ed661e1204b2dbdfc680ef4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /logo.js HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: application/javascript
last-modified: Mon, 22 May 2023 08:47:49 GMT
vary: Accept-Encoding
etag: W/"646b2c35-b430"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c7GG1Yy8gJsfonUWxLcGBNOMaMi9LgkuVLaWag9OAn%2FNiJb%2FCDztxqljj1YRRMowoOf2I%2B6HRD5J2B%2BDxnToKEQLZLv8vwcBAL4cg0sS%2FGseWGkS%2FRpFSgQt4BckezY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5447f865689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/images/wallet-illo.svg

172.67.145.89

200 OK

36 kB

URL GET HTTP/3
matemska.com/images/wallet-illo.svg
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1199)
Size
36 kB (36437 bytes)
Hash
63ad7f01f67accd6aafb47999640abe5
5ed10575a1a39d5b02840416a281fb1e655bd423
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /images/wallet-illo.svg HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: image/svg+xml
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
etag: W/"62bd4c6e-8e55"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8b%2BiSKZVjscxYHi%2FhGAQSzHGtzKKdEthEE78JwoSwh%2FpcToj06H9Yu%2F%2F3ps5Kpw3MxKPdb3B2tTGgoAvlb0sN%2FtabRp%2FP%2BPBtJPu0PAaKPC39TsYvedxxUQrsHKbSqU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8210a5446f7d5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

matemska.com/ajax/libs/webfont/1.6.26/webfont.js

172.67.145.89

200 OK

13 kB

URL GET HTTP/3
matemska.com/ajax/libs/webfont/1.6.26/webfont.js
IP
172.67.145.89:443
ASN
#13335 CLOUDFLARENET

Requested by
https://matemska.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectmatemska.com
Fingerprint8F:B7:E7:E3:3F:ED:0C:E9:6B:D2:2B:6B:43:64:F0:FA:F1:67:38:15
ValiditySat, 16 Sep 2023 09:09:13 GMT - Fri, 15 Dec 2023 09:09:12 GMT

File type
ASCII text, with very long lines (2134)
Size
13 kB (13188 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /ajax/libs/webfont/1.6.26/webfont.js HTTP/1.1
Host: matemska.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://matemska.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 04 Nov 2023 23:30:35 GMT
content-type: application/javascript
last-modified: Thu, 30 Jun 2022 07:10:38 GMT
vary: Accept-Encoding
etag: W/"62bd4c6e-3384"
expires: Sun, 05 Nov 2023 11:30:34 GMT
cache-control: max-age=43200
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3jMTmku8nQnbzSkZzl9lLdYZmsCTsYrAHIf4k3GCTVyi34hsASC1AP%2FWruLBmVOd8ovDz7IX5sk%2BqTw7vQqAdAZsw2kXIekp8N%2FUZ5LXQkTNWTev1gTt4r7q5kpfTbI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8210a5446f6f5689-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (20)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by