urlscan.io logo urlscan.io
SecurityTrails logo

www.avalanche.usermainnet.site Open in urlscan Pro
103.129.220.10  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://www.avalanche.usermainnet.site/
Submission: On October 13 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 7 domains to perform 20 HTTP transactions. The main IP is 103.129.220.10, located in Indonesia and belongs to IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID. The main domain is www.avalanche.usermainnet.site.
TLS certificate: Issued by R3 on October 13th 2022. Valid for: 3 months.
This is the only time www.avalanche.usermainnet.site was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
14 103.129.220.10 138062 (IDNIC-PAA...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 51.210.3.236 16276 (OVH)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a04:4e42:62:... 54113 (FASTLY)
1 2600:9000:205... 16509 (AMAZON-02)
20 7
14    103.129.220.10 (Indonesia)

ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID)
PTR: iix91.cloudhost.id
www.avalanche.usermainnet.site
1    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    51.210.3.236 (France)

ASN16276 (OVH, FR)
PTR: ns3172623.ip-51-210-3.eu
i.ibb.co
1    2606:4700::6812:1023 (United States)

ASN13335 (CLOUDFLARENET, US)
wallet.avax.network
1    2a04:4e42:62::159 (United States)

ASN54113 (FASTLY, US)
pbs.twimg.com
1    2600:9000:2057:c200:12:9e5f:cac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets-global.website-files.com
Apex Domain
Subdomains		 Transfer
14 usermainnet.site
www.avalanche.usermainnet.site
298 KB
1 website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 12119
3 MB
1 twimg.com
pbs.twimg.com — Cisco Umbrella Rank: 699
5 KB
1 avax.network
wallet.avax.network
9 KB
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 13074
37 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 720
11 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
30 KB
20 7
Domain Requested by
14 www.avalanche.usermainnet.site www.avalanche.usermainnet.site
1 assets-global.website-files.com www.avalanche.usermainnet.site
1 pbs.twimg.com www.avalanche.usermainnet.site
1 wallet.avax.network www.avalanche.usermainnet.site
1 i.ibb.co www.avalanche.usermainnet.site
1 maxcdn.bootstrapcdn.com www.avalanche.usermainnet.site
1 ajax.googleapis.com www.avalanche.usermainnet.site
20 7

This site contains links to these domains. Also see Links.

Domain
metamask.io
medium.com
coinmarketcap.com
www.coingecko.com
Subject Issuer Validity Valid
avalanche.usermainnet.site
R3		 2022-10-13 -
2023-01-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-12 -
2022-12-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
ibb.co
R3		 2022-10-09 -
2023-01-07		 3 months crt.sh
wallet.avax.network
Cloudflare Inc ECC CA-3		 2022-06-21 -
2023-06-21		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-21 -
2023-08-21		 a year crt.sh
*.website-files.com
Amazon		 2022-10-12 -
2023-11-09		 a year crt.sh

This page contains 1 frames:

Primary Page: https://www.avalanche.usermainnet.site/
Frame ID: 03B50D63D8005A108380ACE1CB27D885
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Avalanche: Blazingly Fast, Low Cost, & Eco-Friendly | Dapps Platform

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <[^>]*class="ant-(?:btn|col|row|layout|breadcrumb|menu|pagination|steps|select|cascader|checkbox|calendar|form|input-number|input|mention|rate|radio|slider|switch|tree-select|time-picker|transfer|upload|avatar|badge|card|carousel|collapse|list|popover|tooltip|table|tabs|tag|timeline|tree|alert|modal|message|notification|progress|popconfirm|spin|anchor|back-top|divider|drawer)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

4
Countries

3128 kB
Transfer

4267 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.avalanche.usermainnet.site/ 		16 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
233de6ea8ca0ce3a0cfd4194ad887c59926e515cf32865561f36244e04bafa57

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html
date
Thu, 13 Oct 2022 19:18:21 GMT
etag
W/"63486404-3ec6"
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
x-powered-by
PleskLin
pages.css
www.avalanche.usermainnet.site/css/ 		1 MB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avalanche.usermainnet.site/css/pages.css
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
f52b69ffa3e3a4978095f9d67f5ab9d20cfee040e1f3f5d583e7a516b6928d71

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:21 GMT
content-encoding
br
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
W/"63486404-110d67"
x-powered-by
PleskLin
content-type
text/css
index.css
www.avalanche.usermainnet.site/css/ 		26 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avalanche.usermainnet.site/css/index.css
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
6ed27e120d63d653d02a3794e71baca9a9a7db70a2030143cf8db332e55ca284

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:21 GMT
content-encoding
br
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
W/"63486404-6797"
x-powered-by
PleskLin
content-type
text/css
apps6.css
www.avalanche.usermainnet.site/css/ 		11 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.avalanche.usermainnet.site/css/apps6.css
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
16b1e82f5d688a203e6934153f696d4236a23848af6d4bbeb41256fd71b6e7ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:21 GMT
content-encoding
br
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
W/"63486404-2bcf"
x-powered-by
PleskLin
content-type
text/css
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.1.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.1.1/jquery.min.js
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 14:33:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
17066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30244
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Oct 2023 14:33:55 GMT
bootstrap.min.js
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ 		36 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617, 617, 617, 617, 617, 617, 617
age
22591397
cdn-cachedat
2021-06-08 14:35:59
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:00 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
b078a1e046f360931b46757d100ff8d1
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
759a6bae7e68bb9d-FRA
cdn-requestpullsuccess
True
3004.png
i.ibb.co/Y31RQ2L/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/Y31RQ2L/3004.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.210.3.236 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3172623.ip-51-210-3.eu
Software
nginx /
Resource Hash
4a39069d9323b06fb3d69ed5d45b80e7b5d8afea6567f91a92a11ff68cd98373

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 13:29:09 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
37990
expires
Thu, 31 Dec 2037 23:55:55 GMT
metamask-logo-horizontal.svg
www.avalanche.usermainnet.site/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/metamask-logo-horizontal.svg
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
a2779239ae69999a04e2e98ee5be8a282a21b41b7b4c6ce00c881ecc82fcaa50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-139c"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
5020
metamask-fox.svg
www.avalanche.usermainnet.site/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/metamask-fox.svg
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-c9f"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
3231
jalogo.png
www.avalanche.usermainnet.site/img/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/jalogo.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
1b8d482213ffd44b24bc579d3cc33c8dcfa7936f4e946f15ef4fa6ed566264a5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-1480"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
5248
wallet_logo.9ff22941.png
wallet.avax.network/img/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://wallet.avax.network/img/wallet_logo.9ff22941.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1023 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46405f385f838d88a2292af2d5e8539e542b2878eb56f87e8994701cb5cb5948
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
strict-transport-security
max-age=0
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length
8028
referrer-policy
no-referrer
server
cloudflare
etag
"7d89e189aac0f79436b728ba625084d9"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WhkCaBsL9wXhJN%2FfjXnxG4%2F%2BONrOyycnYz9NyGjjkPS%2FovjmvLRBVS0jQL7gHS3n8OYqNppjpqLek79bScguXF1qW7%2FTDS3gCnw5UoGLTtInzPIjiTj5UKeC6Gi%2F7RQmQGlu6qpZAuOl%2BTnBYmtcKfiK"}],"group":"cf-nel","max_age":604800}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=0, must-revalidate
vary
Accept-Encoding
accept-ranges
bytes
cf-ray
759a6bb40f7e9025-FRA
ENWlpa1UcAANrSS.png
pbs.twimg.com/media/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/media/ENWlpa1UcAANrSS.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:62::159 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
11fef5459e64fd648dbb9eef998c9a3aa0183185653323a8855fd4335f8de624
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=631138519
date
Thu, 13 Oct 2022 19:18:22 GMT
x-content-type-options
nosniff
x-cache
HIT, HIT
server-timing
x-cache;desc=HIT, x-tw-cdn;desc=FT
content-length
4785
x-served-by
cache-lhr7347-LHR, cache-hhn11576-HHN, cache-tw-ZZZ1
last-modified
Fri, 03 Jan 2020 11:19:33 GMT
x-tw-cdn
FT
content-type
image/png
access-control-allow-origin
*
x-transaction-id
860a76901da358bd
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
secondaryavax.png
www.avalanche.usermainnet.site/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/secondaryavax.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
e4a7f2a0cd9563a7ead10f9e6dbcbb4903d2c3d779d4f836464b060e25b20b7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-2576"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
9590
metamask.png
www.avalanche.usermainnet.site/img/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/metamask.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
9b990de9aa8b641f5dca4ac4480fdafaa9e7e9340fd0d04abfb8d6d1beac89af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-7404"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
29700
trustsvg.svg
www.avalanche.usermainnet.site/img/ 		831 B
1004 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/trustsvg.svg
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
6d0bb062ab4de0bf13762234534289b50ae38e0c8fb9982779cd552e833cdfd5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
x-accel-version
0.01
etag
"33f-5eaef582728da"
x-powered-by
PleskLin
content-type
image/svg+xml
accept-ranges
bytes
content-length
831
tezos.png
www.avalanche.usermainnet.site/img/ 		113 KB
114 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/tezos.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
6e279834d2c77ed371888666bcfdea32a25d3c97ebf1e85254693ca82b7dbff2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-1c5af"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
116143
coinbase.png
www.avalanche.usermainnet.site/img/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/coinbase.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
0d7d93559274548a6f1aaf9d805ec1fe1a089a07262ed1986a8054b9a84e5142

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-7606"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
30214
apps.js
www.avalanche.usermainnet.site/css/ 		448 B
330 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.avalanche.usermainnet.site/css/apps.js
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
100b6607c3db2440a5beed64e3868a0282ba28a51cfa7f644802787d1917266b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
content-encoding
br
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
x-accel-version
0.01
server
nginx
etag
W/"1c0-5eaef582557f7"
x-powered-by
PleskLin
content-type
application/javascript
Red_256.png
www.avalanche.usermainnet.site/img/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.avalanche.usermainnet.site/img/Red_256.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
103.129.220.10 , Indonesia, ASN138062 (IDNIC-PAAS-AS-ID PT. Awan Kilat Semesta, ID),
Reverse DNS
iix91.cloudhost.id
Software
nginx / PleskLin
Resource Hash
634a2b895743a9a27ee94dfec344b45369c53d16a7e17411a159426ac6750448

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 13 Oct 2022 19:18:22 GMT
last-modified
Thu, 13 Oct 2022 19:16:20 GMT
server
nginx
etag
"63486404-5abc"
x-powered-by
PleskLin
content-type
image/png
accept-ranges
bytes
content-length
23228
621fc0ec971cc2fc6c98c787_Asset%207%402x.png
assets-global.website-files.com/6059b554e81c705f9dd2dd32/ 		3 MB
3 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-global.website-files.com/6059b554e81c705f9dd2dd32/621fc0ec971cc2fc6c98c787_Asset%207%402x.png
Requested by
Host: www.avalanche.usermainnet.site
URL: https://www.avalanche.usermainnet.site/css/pages.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:c200:12:9e5f:cac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66ba05e36fd316cef2f36febceca3213a07208927a5e91b7f7127faae8d6b9d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.avalanche.usermainnet.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 20 Jul 2022 21:17:28 GMT
x-amz-version-id
H4ogNsPKGzwvHWtyk4Um.ySG5qH_UXzk
via
1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
age
7336855
x-amz-cf-pop
FRA6-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2799353
last-modified
Wed, 02 Mar 2022 19:09:33 GMT
server
AmazonS3
etag
"be0d62530a3d7fbf142281fc2629ba1a"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
4ja5aZbqIpSCmZMPX3djtGW2qoh7MGNM8o3dVqqYdanY_Gmb1agXWQ==

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| modal object| btn object| span

1 Cookies

Domain/Path Name / Value
.avax.network/ Name: __cf_bm
Value: KY5UX5cKzwTElBkHfEfrG0JaRsc77e6AzUmrTBasZ_s-1665688702-0-AQbCOoC9XWACQwXx6r9kVsCscvy9HcZoaAnNrZoiLV0dkdehBXyN9sDGV+1xgC76NZM8/Gv7+ETSKhRsYUbEsZM=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
assets-global.website-files.com
i.ibb.co
maxcdn.bootstrapcdn.com
pbs.twimg.com
wallet.avax.network
www.avalanche.usermainnet.site
103.129.220.10
2600:9000:2057:c200:12:9e5f:cac0:93a1
2606:4700::6812:1023
2606:4700::6812:acf
2a00:1450:4001:830::200a
2a04:4e42:62::159
51.210.3.236
0d7d93559274548a6f1aaf9d805ec1fe1a089a07262ed1986a8054b9a84e5142
100b6607c3db2440a5beed64e3868a0282ba28a51cfa7f644802787d1917266b
11fef5459e64fd648dbb9eef998c9a3aa0183185653323a8855fd4335f8de624
16b1e82f5d688a203e6934153f696d4236a23848af6d4bbeb41256fd71b6e7ee
1b8d482213ffd44b24bc579d3cc33c8dcfa7936f4e946f15ef4fa6ed566264a5
233de6ea8ca0ce3a0cfd4194ad887c59926e515cf32865561f36244e04bafa57
46405f385f838d88a2292af2d5e8539e542b2878eb56f87e8994701cb5cb5948
4a39069d9323b06fb3d69ed5d45b80e7b5d8afea6567f91a92a11ff68cd98373
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
634a2b895743a9a27ee94dfec344b45369c53d16a7e17411a159426ac6750448
66ba05e36fd316cef2f36febceca3213a07208927a5e91b7f7127faae8d6b9d3
6d0bb062ab4de0bf13762234534289b50ae38e0c8fb9982779cd552e833cdfd5
6e279834d2c77ed371888666bcfdea32a25d3c97ebf1e85254693ca82b7dbff2
6ed27e120d63d653d02a3794e71baca9a9a7db70a2030143cf8db332e55ca284
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
9b990de9aa8b641f5dca4ac4480fdafaa9e7e9340fd0d04abfb8d6d1beac89af
a2779239ae69999a04e2e98ee5be8a282a21b41b7b4c6ce00c881ecc82fcaa50
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34
e4a7f2a0cd9563a7ead10f9e6dbcbb4903d2c3d779d4f836464b060e25b20b7a
f52b69ffa3e3a4978095f9d67f5ab9d20cfee040e1f3f5d583e7a516b6928d71