Report - metamasks-extensions.com/

Report Overview

Submitted URL
metamasks-extensions.com/
IP
104.21.59.145
ASN
#13335 CLOUDFLARENET
Submitted
2023-04-11 18:46:37
Access
public
Website Title
Final URL
Tags
crypto phishing
urlquery detections
Phishing - Generic Crypto/Wallet

Detections

urlquery
12
Network Intrusion Detection
0
Threat Detection Systems
52

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
metamasks-extensions.com	unknown	2023-04-10	2023-04-11	6.0 kB	642 kB	104.21.59.145
code.jquery.com	634	2012-05-21	2023-04-11	454 B	24 kB	69.16.175.10
cdn.jsdelivr.net	439	2012-09-30	2023-04-10	435 B	36 kB	104.16.87.20
maxcdn.bootstrapcdn.com	724	2014-06-18	2023-04-10	966 B	196 kB	104.18.11.207
d3e54v103j8qbb.cloudfront.net	unknown	2016-03-11	2023-04-10	509 B	90 kB	143.204.42.231

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-04-11	medium	metamasks-extensions.com/
2023-04-11	medium	metamasks-extensions.com/images/mm-logo.svg
2023-04-11	medium	metamasks-extensions.com/js/script.js
2023-04-11	medium	metamasks-extensions.com/js/webflow.js
2023-04-11	medium	metamasks-extensions.com/fonts/EuclidCircularB-Bold-WebXL.woff2
2023-04-11	medium	metamasks-extensions.com/fonts/EuclidCircularB-Regular-WebXL.woff2
2023-04-11	medium	metamasks-extensions.com/js/webflow.js
2023-04-11	medium	metamasks-extensions.com/js/script.js
2023-04-11	medium	metamasks-extensions.com/fonts/EuclidCircularB-Bold-WebXL.woff
2023-04-11	medium	metamasks-extensions.com/fonts/EuclidCircularB-Regular-WebXL.woff

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.2.1.slim.min.js	70 kB	2023-03-07	2024-07-27
Pretty URL code.jquery.com/jquery-3.2.1.slim.min.js IP 69.16.175.10 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:43 Last Seen2024-07-27 01:42:58 Times Seen123644 Hash 5f48fc77cac90c4778fa24ec9c57f37d 9e89d1515bc4c371b86f4cb1002fd8e377c1829f 9365920887b11b33a3dc4ba28a0f93951f200341263e3b9cefd384798e4be398 Loading...

	maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js	49 kB	2023-03-07	2024-07-27
Pretty URL maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-07-27 02:05:58 Times Seen155847 Hash 14d449eb8876fa55e1ef3c2cc52b0c17 a9545831803b1359cfeed47e3b4d6bae68e40e99 e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Loading...

	d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5fd1a30a78e29a0936f57bd9	90 kB	2023-03-07	2024-07-27
Pretty URL d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5fd1a30a78e29a0936f57bd9 IP 143.204.42.231 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-07-27 04:01:50 Times Seen170946 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js	35 kB	2023-04-09	2024-01-07
Pretty URL cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js IP 104.16.87.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-09 18:48:25 Last Seen2024-01-07 14:00:56 Times Seen195 Hash b0d6d9ccfe6dcadab54aa934fd82799f 436bde33885f97c2fe06c0bb3220e326a0834e16 a0ab02baf40775e37b6a44b568430e5a9b75eebf963bdf0f4406f7a19adb9fe5 Loading...

	metamasks-extensions.com/	0 B	2023-03-07	2024-07-27
Pretty URL metamasks-extensions.com/ IP 104.21.59.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-07-27 04:01:58 Times Seen41184578 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (21)

URL IP Response Size

metamasks-extensions.com/

104.21.59.145

200 OK

2.4 kB

URL User Request GET HTTP/1.1
metamasks-extensions.com/
IP
104.21.59.145:80
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
2.4 kB (2354 bytes)
Hash
098721e0ecb0462ff5861175a0359ed2
e0e2df7c5536f676a1cf54521b7008b3518c57c3
5960fcf7676e21368da801f80017244246caad3abf75a73f7f6549bfae196ce6

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
last-modified: Mon, 10 Apr 2023 22:33:02 GMT
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=toCF7Kaau%2F5eRnXf52q1YQDS1TdzD4ezQiyh4X26QLRUzcvtssObj0fBr2LW8v5A3h3ASufVj938xoueVCaHduBt0wV7uD9CttLbOkoJxitBdaaKUmfRRnILJ52JW4BlGEoWTkTX2ajnD6A%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b6564598ff6b4ed-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/css/normalize.css

104.21.59.145

200 OK

2.6 kB

URL GET HTTP/1.1
metamasks-extensions.com/css/normalize.css
IP
104.21.59.145:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
ASCII text
Size
2.6 kB (2633 bytes)
Hash
147ae3ee475d1656477021e0c23b9c8f
9b34b5333ba0700b111fe1805732ef32b61c76b3
1210dea7064a402c0e36be6e87ea37bf4a52e095ef1dc32b09102b386ed0e1a7

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /css/normalize.css HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/css
Content-Length: 2633
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 18 Apr 2023 04:41:26 GMT
last-modified: Mon, 10 Apr 2023 22:23:46 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 50684
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=15c%2FeZQqhw3p4PDeb%2BkCFt8DwwDKUf1KfIGoduGMqxzWRy%2FN0%2FQIzkbUBy7WHJLe0y2vzF440HS0Fpce1O7uwLoLEpCOVXTjOGPwefvbKj8kbeo3EkWR8CXJ34PLRKFfRm%2FxqiYJBNMbnlo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b65645b2baeb4ed-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/css/webflow.css

172.67.179.76

200 OK

9.6 kB

URL GET HTTP/1.1
metamasks-extensions.com/css/webflow.css
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
9.6 kB (9625 bytes)
Hash
0a306fff49c08ee7b04b576c6c65589b
b7d1799d441a754bec9f56d46729439dc831cbf2
3a15db79a5b13d9e25fe99b47c8ad51fc9686b8d076e0ad4fe0eb23a0551ea38

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /css/webflow.css HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/css
Content-Length: 9625
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 18 Apr 2023 04:41:26 GMT
last-modified: Mon, 10 Apr 2023 22:23:55 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 50684
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9OOhMXWGGX6j5Ka8A%2BAx2hAnqoBN4r7SFRnwqGn9i%2FeILivUV4VBl%2FRsCfQ9OrSyD3z%2B%2FkQc8l93NhXEZ9xURytYyi2Dig83ciPv8CL2mRelzUwBvuUptJfW7cU%2Bsw5tSBjA00h1zf2xECQ%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b65645b2bb3b4ed-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/css/staging.webflow.css

172.67.179.76

200 OK

13 kB

URL GET HTTP/1.1
metamasks-extensions.com/css/staging.webflow.css
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
ASCII text
Size
13 kB (12659 bytes)
Hash
62b9c1842a1248b5333d145341f4cfa3
fbf61bd1f35562649bf50fb4f2480c4f2acde73f
4d465a200dddce62576a849f08f818955d69b8992314e350d3bd7712f5a84338

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /css/staging.webflow.css HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/css
Content-Length: 12659
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 18 Apr 2023 04:41:26 GMT
last-modified: Mon, 10 Apr 2023 22:23:51 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 50684
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOrb4nrtkcW%2BIpZpA14BOZITigdW68wLIFpAakig8eZxVYTEt9BiEmOSvBAvbN3HOwiIAypWI8aYLKROgejp5cwwg%2FWU%2BulXOiDz6onGMdNYEM%2FoKgWCNV5%2BrJP5SBvsPF%2BXRrkUXWOETrs%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b65645b2a44b512-OSL
alt-svc: h2=":443"; ma=60

code.jquery.com/jquery-3.2.1.slim.min.js

69.16.175.10

200 OK

24 kB

URL GET HTTP/2
code.jquery.com/jquery-3.2.1.slim.min.js
IP
69.16.175.10:443
ASN
#20446 STACKPATH-CDN

Requested by
http://metamasks-extensions.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (32012)
Size
24 kB (23856 bytes)
Hash
30f5157a965bc792a83e9bacfe265f03
8330886371fe27f3cbac509e0ac9712207574c66
4d12cab1f84ec2ac780bc8e0d865d9c61025be579c78d6532d76f0574d17fca0

HTTP Headers

GET /jquery-3.2.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamasks-extensions.com
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 11 Apr 2023 18:46:23 GMT
content-encoding: gzip
content-length: 23856
content-type: application/javascript; charset=utf-8
last-modified: Fri, 12 Aug 2022 13:47:02 GMT
accept-ranges: bytes
server: nginx
etag: W/"62f659d6-10fdd"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1681238783.dop023.sk1.t,1681238783.cds068.sk1.hn,1681238783.cds235.sk1.c
X-Firefox-Spdy: h2

metamasks-extensions.com/images/mm-logo.svg

172.67.179.76

200 OK

3.3 kB

URL GET HTTP/1.1
metamasks-extensions.com/images/mm-logo.svg
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001)
Size
3.3 kB (3289 bytes)
Hash
75536fc9d6e2f24b5d4a43206f59daea
d6b451451650bb4028e6e36562cf590370534324
1fec7292d135f29856c58b107c76d144f532a9a3b5d36acefa89ae4e3e990c61

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /images/mm-logo.svg HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: image/svg+xml
Content-Length: 3289
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 18 Apr 2023 04:41:27 GMT
last-modified: Mon, 10 Apr 2023 22:24:32 GMT
content-encoding: gzip
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 50684
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NYUZ0Old6jl8DzRfkHGGMftzOWNxc1g0M8NN0jaR%2FQgka0XnQwy0C0xYljrb%2FE45bwF%2FY2QrzOEqZdEEb2tb1owWDYLhLYX6nMUzmMZFZGLERzdxGmy47YcbaTylmvtzdwAnnih5ZabpMJ8%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b65645b8b43b512-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/js/script.js

172.67.179.76

404 Not Found

713 B

URL GET HTTP/1.1
metamasks-extensions.com/js/script.js
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
713 B (713 bytes)
Hash
ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /js/script.js HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DThmbREZRB1apYyy8bu5btfdpQQl5%2F1otx1ARTu%2FaYLebEOz3g8S5w7T0hYkb4blhuXBxpv8lEw3pJAKJ%2BgqVNm04v4W4gW4xmgg86KpaZg3ZoggZigmkbg9X4pvhTQ3OWdk%2BVtaSa1lrjI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645b3c021bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/js/webflow.js

172.67.179.76

404 Not Found

713 B

URL GET HTTP/1.1
metamasks-extensions.com/js/webflow.js
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
713 B (713 bytes)
Hash
ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /js/webflow.js HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uxNR6b1IHmY6wYAKhT%2FmcTJyuxkZ9cWlkuMjdRdSofDE2xxl9w%2BNEpIwX8vjRK695ZCrj9gWpTB%2B4HH5npKjsFxKA2DRkjwQjLnblF11Or%2F0tKLAZkcdTdz8LdiXExQ%2BnRU6FuvHoMGMS8M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645b3ec30b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/images/hero2.2.png

172.67.179.76

200 OK

590 kB

URL GET HTTP/1.1
metamasks-extensions.com/images/hero2.2.png
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
PNG image data, 1752 x 1452, 8-bit/color RGBA, non-interlaced\012- data
Size
590 kB (589568 bytes)
Hash
d0ec70f4c666fbf6ad0d30a52d08c5c9
e48f0688bc4f592824840478d12c05df0dd12002
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /images/hero2.2.png HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/css/staging.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: image/png
Content-Length: 589568
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 18 Apr 2023 04:41:27 GMT
last-modified: Mon, 10 Apr 2023 22:24:26 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 50684
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2FMG2duSqaS%2BglsCNSY7dmKPJil%2FxciHOrrBQHizdx1hG4zg4bPEFpLq5Rh%2FWCrepEzVNXgsa3dalO8PHIn0HoZJN8lBgaq%2B6mAIsZGMQtFoPmCwD9P3EcxpuPHyv7WmAF830OiGCyg5r%2Fg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645d2f02b512-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/fonts/EuclidCircularB-Bold-WebXL.woff2

172.67.179.76

404 Not Found

1.2 kB

URL GET HTTP/1.1
metamasks-extensions.com/fonts/EuclidCircularB-Bold-WebXL.woff2
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasks-extensions.com/css/staging.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbUlVM6ySLtSE7oxxHoF3VzrtJtGLaRTFlno7lL3BH74kPJRYjeFMrtRSpDBWlxwq5yguEWVvH4ti8Ylrc9m5nYGQIDksthX12e4AyBlx94xeUm2oeHU716712IxkRhiiDobdF77JDC6CKA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645d2f441bfa-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/fonts/EuclidCircularB-Regular-WebXL.woff2

172.67.179.76

404 Not Found

1.2 kB

URL GET HTTP/1.1
metamasks-extensions.com/fonts/EuclidCircularB-Regular-WebXL.woff2
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasks-extensions.com/css/staging.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B1j%2B9HCqdxPkdmGre70PLSGl%2FbMzeQ6cFZu2ftH86YJsr5xIJfGPp5x9gnxCVr3rbLExnsFzBomKsiv9lDBISsc5t6cz2ULFNK8SPZtW%2FVrCfEyA7hnwbqqbOoIRLi1MHIooYzPZKKdE1Pk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645d2870b4ed-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/js/webflow.js

172.67.179.76

404 Not Found

713 B

URL GET HTTP/1.1
metamasks-extensions.com/js/webflow.js
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
713 B (713 bytes)
Hash
ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /js/webflow.js HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oYs%2BKSbnsZoEzuuWTivJsC1ndKl9D2FWdjUmYCLstAPbgs1bVpPAg1yNaoeJy9pLMdXfmQNcOonhMZRrzT%2B1P6bVPoCS7AkJXx9SrjXnlgvdlb%2BncD47OIXdQA0W%2F%2Byer50tEjsYyBXKPVA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645d2ad60b55-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/js/script.js

172.67.179.76

404 Not Found

713 B

URL GET HTTP/1.1
metamasks-extensions.com/js/script.js
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
713 B (713 bytes)
Hash
ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /js/script.js HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jr9TO5T7dGyy%2BfQ4ki6aRnio1cjXajFdKZ8nqSbrim2s6CMrlZdF57U0EC0RZE%2Fg1yWLSAXsOwJvkZcRrHXKGmicrQUDRXLaI%2B1HkU67W2DU8k0CJz48bgUfd6Sx9XRoqe0uEu%2B6Sl3o09I%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645dd8511bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/fonts/EuclidCircularB-Bold-WebXL.woff

172.67.179.76

404 Not Found

1.2 kB

URL GET HTTP/1.1
metamasks-extensions.com/fonts/EuclidCircularB-Bold-WebXL.woff
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Bold-WebXL.woff HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasks-extensions.com/css/staging.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6tAbdkDbtpg4Q5DROIioaxJDjVvvXRKCVzCK%2FafpjyvR1EnYZXfbaBxJmHpNtr9iAS7jWEzGBvIQziIr%2FAbGWwbgjPuU38kafbtG5a16Efa2ucIXi1hY1TOw0z8w%2Fhm%2Fzzjz9HTRyFxrb4Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645dc83db512-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/fonts/EuclidCircularB-Regular-WebXL.woff

172.67.179.76

404 Not Found

1.2 kB

URL GET HTTP/1.1
metamasks-extensions.com/fonts/EuclidCircularB-Regular-WebXL.woff
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet
fortinet	Phishing

HTTP Headers

GET /fonts/EuclidCircularB-Regular-WebXL.woff HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://metamasks-extensions.com/css/staging.webflow.css
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EpQlgHCwQ9APaI5Lrfya%2FfeicFs7%2B8aw8sezJysl5%2FshiYAQan%2FmZAOMrCJ9R9akAc1wNxPPj2D8Acrpw3u0kH7iSOGIvLNjVJUgDcKnaHm0q9ezE91KixkHSV3WCkeiWQLWcJHbNvFmeAI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645dc9f9b4ed-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/images/favicon.png

172.67.179.76

200 OK

1.5 kB

URL GET HTTP/1.1
metamasks-extensions.com/images/favicon.png
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1532 bytes)
Hash
b7919ea38a8beed9b4763858c4f7412b
1aa57bcd7ca8a0c3352923c9ee06c472f23d5b63
214080adac9969108cb602cb68617e332db1288e95e18c29c10f9396c6d3744c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
openphish	Crypto/Wallet

HTTP Headers

GET /images/favicon.png HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: image/png
Content-Length: 1532
Connection: keep-alive
cache-control: public, max-age=604800
expires: Tue, 18 Apr 2023 04:41:27 GMT
last-modified: Mon, 10 Apr 2023 22:24:44 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: HIT
Age: 50684
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q7rfqre82Sr9NsA2Hv%2Bc9YANd7I50OX25LaAbJ5BK3CBzWHwtYu4z0TcinAxv7d2RPK4%2FapkNotTfI2bqrAlzV%2FISlF0fQvl%2B1f0JYZYRuSi9%2FS%2B3FGXclrOAPziFI3npsa9MnyfGsdZ0Us%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645e7ba0b4ed-OSL
alt-svc: h2=":443"; ma=60

metamasks-extensions.com/images/webclip.png

172.67.179.76

404 Not Found

713 B

URL GET HTTP/1.1
metamasks-extensions.com/images/webclip.png
IP
172.67.179.76:80
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
713 B (713 bytes)
Hash
ce15c0d47861b60d1d2cd5110897110d
4327585a554449e148e28337c8abb7a689458a6c
178f765bdf62e984582a72f5f9c76832cfd7cbb5c706d2cb4c9200bd7875744a

Detections

Analyzer	Verdict	Alert
openphish	Crypto/Wallet

HTTP Headers

GET /images/webclip.png HTTP/1.1
Host: metamasks-extensions.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Tue, 11 Apr 2023 18:46:23 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: BYPASS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1o71juufcTHe5ofYz66ZlCz5ktfnBHM11DTJayY1MOGUgUCt0FZAhV1jy94h%2Fg%2BZRyGCYTUMu2rp%2BQAiuoaK4aJcFeaZGqnLnHiRGQXhr0k2GpQmSht2V1hEWZVvfOkhtR5qpHmNp3kOTrk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b65645e79a8b512-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js

104.16.87.20

200 OK

35 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/@emailjs/browser@3/dist/email.min.js
IP
104.16.87.20:443
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5C:61:30:2F:8C:51:BF:3D:79:B5:3A:04:9A:91:F0:1C:D9:78:87:40
ValidityThu, 02 Jun 2022 00:00:00 GMT - Thu, 01 Jun 2023 23:59:59 GMT

File type

Size
35 kB (34826 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /npm/@emailjs/browser@3/dist/email.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 11 Apr 2023 18:46:23 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 3.11.0
x-jsd-version-type: version
etag: W/"880a-Q2veM4hfl8L+BsC7MiDjJqCDThY"
x-served-by: cache-fra-eddf8230109-FRA, cache-yyz4523-YYZ
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 14367
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2BuNqQDjcnsCLLLLTtiFcY3FTV6SCZpo3gZG8ZwOc2L9w3k0uer4lPhkaKKELLrmcJwr%2FSmolZLZfPCHcDoInDrYivZSl8U%2BsKtuEf0p2xUnTmtyeXD%2FDDbXq%2BUo66TxwzI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b65645b6c60b4f9-OSL
content-encoding: br
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css

104.18.11.207

200 OK

145 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65325)
Size
145 kB (144877 bytes)
Hash
450fc463b8b1a349df717056fbb3e078
895125a4522a3b10ee7ada06ee6503587cbf95c5
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d

HTTP Headers

GET /bootstrap/4.0.0/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamasks-extensions.com
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 11 Apr 2023 18:46:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"450fc463b8b1a349df717056fbb3e078"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/18/2022 06:18:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 752
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: 97d0b44eaf0831ea508df9c94eb7b7fc
cdn-cache: HIT
cf-cache-status: HIT
age: 50684
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b65645b6eedb517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

49 kB

URL GET HTTP/2
maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js
IP
104.18.11.207:443
ASN
#13335 CLOUDFLARENET

Requested by
http://metamasks-extensions.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint5B:F7:8F:50:AD:E5:5B:5E:8C:4A:39:3D:0C:98:E8:8C:18:4B:3D:8A
ValidityFri, 30 Dec 2022 00:00:00 GMT - Sat, 30 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (48664)
Size
49 kB (48944 bytes)
Hash
14d449eb8876fa55e1ef3c2cc52b0c17
a9545831803b1359cfeed47e3b4d6bae68e40e99
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b

HTTP Headers

GET /bootstrap/4.0.0/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamasks-extensions.com
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 11 Apr 2023 18:46:23 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"14d449eb8876fa55e1ef3c2cc52b0c17"
last-modified: Mon, 25 Jan 2021 22:04:04 GMT
cdn-cachedat: 11/25/2022 23:23:38
cdn-proxyver: 1.03
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 865
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-status: 200
cdn-requestid: ebcf2263368b0a72c9064468e1daa2c9
cdn-cache: HIT
cf-cache-status: HIT
age: 50684
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7b65645b6ef9b517-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5fd1a30a78e29a0936f57bd9

143.204.42.231

200 OK

90 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5fd1a30a78e29a0936f57bd9
IP
143.204.42.231:443
ASN
#16509 AMAZON-02

Requested by
http://metamasks-extensions.com/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintBA:0F:CD:B3:EA:19:B2:9D:99:9B:51:2D:16:33:6B:D0:3F:31:A2:AB
ValidityThu, 08 Dec 2022 00:00:00 GMT - Thu, 07 Dec 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=5fd1a30a78e29a0936f57bd9 HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://metamasks-extensions.com
Connection: keep-alive
Referer: http://metamasks-extensions.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 10 Apr 2023 23:32:24 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
age: 69248
x-cache: Hit from cloudfront
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: s73NYA-mtJdil8-NmXs3mwFeW-dAAJNLdqwFEN4qIc4vkBi1-FHoCA==
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (21)

URL User Request GET HTTP/1.1

IP

ASN

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/1.1