matopage.top Open in urlscan Pro
104.21.15.29 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://matopage.top/
Submission Tags: @ecarlesi threat #phishing #metamask Search All
Submission: On September 09 via api (September 9th 2023, 3:23:01 am UTC) from AU — Scanned from AU

Summary HTTP 2 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 2 HTTP transactions. The main IP is 104.21.15.29, located in and belongs to CLOUDFLARENET, US. The main domain is matopage.top.

This is the only time matopage.top was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address		AS Autonomous System
1	104.21.15.29 104.21.15.29		13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2

1 104.21.15.29 (None, )

ASN13335 (CLOUDFLARENET, US)

matopage.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	matopage.top matopage.top	296 KB
2	1

	Domain	Requested by
1	matopage.top
2	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://matopage.top/
Frame ID: 9727882D352F6C5985B18218104D6E47
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The crypto wallet for Defi, Web3 Dapps and NFTs | MetaMask

Page Statistics

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

559 kB
Transfer

791 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
14 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response matopage.top/	528 KB 296 KB	1917ms 755ms	Document text/html	104.21.15.29 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://matopage.top/ Protocol HTTP/1.1 Server 104.21.15.29 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `196da5aab4dc1e2e54b226617240d6eb98f1cdec6e5a61e07cf42e1eaf27e589` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 803c4f396b044ffd-MEL Connection keep-alive Content-Encoding gzip Content-Type text/html Date Sat, 09 Sep 2023 03:22:54 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xxxdjdtueMYcPrYHRnnzIErPa3cs3LBB%2BdQBNRmMBknqKD8Iqv093YqLQ%2BdO%2BqK9UWJjY6e5csDinFHh30FbrpswyBvv0Kn36fr5suZ5HQO%2FEZfSuAdumxw9OZIGPQ%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked Vary Accept-Encoding alt-svc h3=":443"; ma=86400
GET DATA	200 OK	truncated /	44 KB 44 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b` Request headers Referer http://matopage.top/ Origin http://matopage.top accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845` Request headers Referer http://matopage.top/ Origin http://matopage.top accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET DATA	200 OK	truncated /	44 KB 44 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df` Request headers Referer http://matopage.top/ Origin http://matopage.top accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	30 KB 30 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `4859eadd0825cf4fbc2060497489eed4a7f0bd6af0b95ed0e341f13c7b974e13` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	36 KB 36 KB		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	36 KB 36 KB		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	28 KB 28 KB		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	7 KB 7 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `f11f1fc1d9037dca6df6ebe677fa8601120f26b8b5c167818ca3c98fc2f31022` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	12 KB 12 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `9da0965581b7fcb1ec14f550e84570680ab72f15779056475b84db5861577f73` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	6 KB 6 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `d18d00e241fe4415ad5801f9aa2009dffdbee4555babdf35380f4006f99ee990` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	3 KB 3 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `520821cb70a1c751e4760b6090993f910c7e25356039d42baecff1401f1a3ecd` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	3 KB 3 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `6ce58398bd4036c11b239e0a76410762ba1174f331ee14d0cb2f63170d24a6bc` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	4 KB 4 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ada42674ccc28536c8b34f6f87c553e82b2ec8a3776384ec1c16dbfc1c428817` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	4 KB 4 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `23405fbdfa49353e72562977ac73c176d25d93e37c72e506496574bd0813daa8` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	5 KB 5 KB		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `c2962aa385ac1ee97227c556e5f7f91d2a13f0091b3d066282c740d16e2dff16` Request headers accept-language en-AU,en;q=0.9 Referer http://matopage.top/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.179 Safari/537.36 Response headers Content-Type image/webp

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

matopage.top
104.21.15.29
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
196da5aab4dc1e2e54b226617240d6eb98f1cdec6e5a61e07cf42e1eaf27e589
23405fbdfa49353e72562977ac73c176d25d93e37c72e506496574bd0813daa8
4859eadd0825cf4fbc2060497489eed4a7f0bd6af0b95ed0e341f13c7b974e13
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13
520821cb70a1c751e4760b6090993f910c7e25356039d42baecff1401f1a3ecd
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
6ce58398bd4036c11b239e0a76410762ba1174f331ee14d0cb2f63170d24a6bc
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
9da0965581b7fcb1ec14f550e84570680ab72f15779056475b84db5861577f73
ada42674ccc28536c8b34f6f87c553e82b2ec8a3776384ec1c16dbfc1c428817
c2962aa385ac1ee97227c556e5f7f91d2a13f0091b3d066282c740d16e2dff16
d18d00e241fe4415ad5801f9aa2009dffdbee4555babdf35380f4006f99ee990
e34720dfd45d8f8832925512cd5ddd1bbe6bff7f0dd3f367a0eb43b17f3579ec
f11f1fc1d9037dca6df6ebe677fa8601120f26b8b5c167818ca3c98fc2f31022

matopage.top Open in urlscan Pro 104.21.15.29 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

2 Requests

0 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

559 kBTransfer

791 kBSize

0 Cookies

0 Outgoing links

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 14 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

matopage.top Open in urlscan Pro
104.21.15.29 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

0 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

559 kB
Transfer

791 kB
Size

0
Cookies

2 HTTP transactions
14 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!