Report - metamask.io.creative-erp.ro/mywallet/

Report Overview

Visited public
2023-09-26 00:07:43
Tags
crypto phishing
URL
metamask.io.creative-erp.ro/mywallet/
Finishing URL
metamask.io.creative-erp.ro/mywallet/
IP / ASN
185.179.159.0
#50937 Tes Euro Media SRL
Title
Verification | MetaMask
Phishing - Generic Crypto/Wallet

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-25 18:12:03	2.0 kB	4.2 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-09-25 23:16:14	458 B	1.4 kB	142.250.74.106
cdn.korzh.com	unknown	1999-01-12	2017-02-10 09:55:23	2023-09-19 18:55:49	878 B	768 kB	104.21.5.183
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-09-25 22:05:36	2.2 kB	36 kB	216.58.207.227
metamask.io.creative-erp.ro	unknown	2020-10-22	2023-09-21 17:39:53	2023-09-25 19:17:57	12 kB	533 kB	185.179.159.0
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-09-25 18:12:14	2.6 kB	214 kB	151.101.193.229
images.ctfassets.net	4623	2017-03-28	2017-09-20 18:27:05	2023-09-24 18:39:59	547 B	53 kB	143.204.55.79

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/mywallet/	Crypto/Wallet
2023-09-25	medium	metamask.io.creative-erp.ro/	Crypto/Wallet

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js	ScriptElement	72 kB	2023-03-07	2025-05-09
Pretty URL cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:45 Times Seen2366 Hash fb8409a092adc6e8be17e87d59e0595e cf8d9821552d51bb50ce572e696aba1309065800 e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js	ScriptElement	83 kB	2023-03-07	2025-05-09
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:23 Last Seen2025-05-09 09:16 Times Seen3776 Hash a0805bca912ec901f2a7096228b62d46 3233fd01d87fba457eaad8dcbc289f75b170f814 19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49 Loading...

	metamask.io.creative-erp.ro/mywallet/	ScriptElement	73 B	2023-03-07	2025-05-06
Pretty URL metamask.io.creative-erp.ro/mywallet/ IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:24 Last Seen2025-05-06 11:44 Times Seen200 Hash ccf7a258eee5e12d2cb3d813a5da86c8 0d0c6985e493d2f610870c9259901a2511734328 441b05bfa42c0b589fd682ec21e9ba36e55f6ec2718fbb259a812cd0b999c28e Loading...

	metamask.io.creative-erp.ro/mywallet/style/webfont.js	ScriptElement	13 kB	2023-03-07	2025-05-09
Pretty URL metamask.io.creative-erp.ro/mywallet/style/webfont.js IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-09 11:08 Times Seen17504 Hash 7c96a5f11d9741541d5e3c42ff6380d7 d3fa2564c021cf730e58ffddb138cf6b57ed126e 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Loading...

	metamask.io.creative-erp.ro/mywallet/	ScriptElement	97 B	2023-09-26	2024-08-21
Pretty URL metamask.io.creative-erp.ro/mywallet/ IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-26 02:07 Last Seen2024-08-21 05:45 Times Seen11 Hash e211fcffffcad47d3a228f99f6c58a8b 3374e65ba852370abdc282f57fa6b7234fddeaa1 21280025d608be64117109d0d04677521dfdd3f9a1e0e6294c0e8722a3b11f09 Loading...

	metamask.io.creative-erp.ro/mywallet/js/control.js	ScriptElement	225 B	2023-09-26	2024-10-11
Pretty URL metamask.io.creative-erp.ro/mywallet/js/control.js IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 02:07 Last Seen2024-10-11 08:47 Times Seen12 Hash e76ac728698e3935cf039957458a10fb 2bcaab3d6af5441e94a80ddb9a70f7172896f7c6 e2121382a5483d7882fef2175c93f173b4eaa9e2264b71612808a87e269043c4 Loading...

	metamask.io.creative-erp.ro/mywallet/	ScriptElement	1.4 kB	2023-09-26	2024-08-21
Pretty URL metamask.io.creative-erp.ro/mywallet/ IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-26 02:07 Last Seen2024-08-21 05:45 Times Seen11 Hash eb5585a904579924ce58dce730a56b05 99518ae241e056f3aa89253e07d3d50bd05833f7 ac4d66982e1bee4753c08ee8553752ee8078a2519f764f5288d56bcc76029e1f Loading...

	metamask.io.creative-erp.ro/mywallet/style/main.js	ScriptElement	90 kB	2023-03-07	2025-05-09
Pretty URL metamask.io.creative-erp.ro/mywallet/style/main.js IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10 Last Seen2025-05-09 08:35 Times Seen3951 Hash 0732e3eabbf8aa7ce7f69eedbd07dfdd 4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b Loading...

	cdn.korzh.com/metroui/v4/js/metro.min.js	ScriptElement	623 kB	2023-09-26	2024-10-11
Pretty URL cdn.korzh.com/metroui/v4/js/metro.min.js IP 104.21.5.183 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-26 02:07 Last Seen2024-10-11 08:47 Times Seen13 Hash fde6223c137255aa0d9876b8e8baf265 2cf5dafbf21bc2b91074ba33d594f9b729121a63 3c8989ad7b3de70187687e6d2d23e063a823db3ab0e4d0a5fdb40e3e18a7380a Loading...

	metamask.io.creative-erp.ro/mywallet/	ScriptElement	890 B	2023-09-26	2024-08-21
Pretty URL metamask.io.creative-erp.ro/mywallet/ IP 185.179.159.0 ASN #50937 Tes Euro Media SRL Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-26 02:07 Last Seen2024-08-21 05:45 Times Seen11 Hash c8db05dcb7e25b73e3316c5c05e195b5 f31beaa683bf4fac070f9982831b021dc38d2887 11fb4eaadf8552fd59b9521e2269738beace2e8e4a0c2e44fefa8b1467cc12e8 Loading...

HTTP Transactions (43)

URL IP Response Size

metamask.io.creative-erp.ro/mywallet/style/normalize.css

185.179.159.0

200 OK

2.5 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/normalize.css
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
ASCII text, with CRLF line terminators
Size
2.5 kB (2461 bytes)
Hash
519121fa4cdf6782a4c1c412564605e2
dcd9297e0c5c4a9a8ba8fb02a7d93cf85984ccd3
25194b73ec31c5fa1e315cd30fd7428f4075d725740663aea2e60d1de61288cb

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/normalize.css HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: text/css
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "1fbf-6432bb48-b912f89a150c5d61;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 2461
date: Tue, 26 Sep 2023 00:07:26 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

metamask.io.creative-erp.ro/mywallet/style/webflow.css

185.179.159.0

200 OK

10 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/webflow.css
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
assembler source, Unicode text, UTF-8 text, with very long lines (2587), with CRLF line terminators
Size
10 kB (10546 bytes)
Hash
395b633beea11647b06bebb9c5e9304b
af27e6eaffa90ae378e10d26392175e107bf86bb
5c4150571c1079e893f2af365598d52388a77fbaff96e9aa42946dc7fc574a8a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/webflow.css HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: text/css
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "bc4f-6432bb48-fc9e579aa62e7069;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 10546
date: Tue, 26 Sep 2023 00:07:26 GMT

metamask.io.creative-erp.ro/mywallet/style/metamask-staging-2.webflow.css

185.179.159.0

200 OK

16 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/metamask-staging-2.webflow.css
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
ASCII text, with CRLF line terminators
Size
16 kB (16123 bytes)
Hash
7b4ca45b499c60298cb9d8a7ea289dc9
2e0f97cb3d97853badaf45ec6512e0ad3429fe7f
f52dde44d3a2b84212b473277a9578196dc09bf9b2d572d2f8f7c3fbb8815fa5

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/metamask-staging-2.webflow.css HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: text/css
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "2269f-6432bb48-9a3a8b7d93f6310b;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 16123
date: Tue, 26 Sep 2023 00:07:26 GMT

metamask.io.creative-erp.ro/mywallet/style/css

185.179.159.0

200 OK

752 B

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/css
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
ASCII text
Size
752 B (752 bytes)
Hash
d75dbb7a19763e296b99fa0b3f42546d
8b7752a815b8325ece966de1476e4f43ee1dcdc9
8daea9a40be31e567300edc7daeb077f232cf7c32baed3aebff9ee9260b0d5a0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/css HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "2f0-6432bb48-d81640f8fed48a00;;;"
accept-ranges: bytes
content-length: 752
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/webfont.js

185.179.159.0

200 OK

5.1 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/webfont.js
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
ASCII text, with very long lines (2134)
Size
5.1 kB (5106 bytes)
Hash
7c96a5f11d9741541d5e3c42ff6380d7
d3fa2564c021cf730e58ffddb138cf6b57ed126e
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/webfont.js HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: application/javascript
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "3384-6432bb48-f360d1b4d14ea5d6;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 5106
date: Tue, 26 Sep 2023 00:07:26 GMT

cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css

151.101.193.229

200 OK

13 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text
Size
13 kB (12937 bytes)
Hash
06cb502613f99040e534fec65fa725c7
03006f32792e033497e9ca68373b6c3386305933
e1172d3a0a208cf01dc066f0abeaf17f00264a966159a69f71947d6edcd4935f

HTTP Headers

GET /npm/bootstrap-icons@1.10.3/font/bootstrap-icons.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 1.10.3
x-jsd-version-type: version
etag: W/"17579-AwBvMnkuAzSX6cpoNztsM4YwWTM"
content-encoding: br
accept-ranges: bytes
date: Tue, 26 Sep 2023 00:07:26 GMT
age: 4748189
x-served-by: cache-fra-etou8220052-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 12937
X-Firefox-Spdy: h2

metamask.io.creative-erp.ro/mywallet/style/main.js

185.179.159.0

200 OK

30 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/main.js
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
ASCII text, with very long lines (65446), with CRLF line terminators
Size
30 kB (30268 bytes)
Hash
0732e3eabbf8aa7ce7f69eedbd07dfdd
4cd5ddc413b3024d7b56331c0d0d0b2bd933f27f
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/main.js HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: application/javascript
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "15d9f-6432bb48-fde254fee5937128;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 30268
date: Tue, 26 Sep 2023 00:07:26 GMT

metamask.io.creative-erp.ro/mywallet/js/control.js

185.179.159.0

200 OK

134 B

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/js/control.js
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
ASCII text, with CRLF line terminators
Size
134 B (134 bytes)
Hash
e76ac728698e3935cf039957458a10fb
2bcaab3d6af5441e94a80ddb9a70f7172896f7c6
e2121382a5483d7882fef2175c93f173b4eaa9e2264b71612808a87e269043c4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/js/control.js HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: application/javascript
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "e1-6432bb48-73adebd81a7107b4;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 134
date: Tue, 26 Sep 2023 00:07:26 GMT

cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65326)
Size
26 kB (26373 bytes)
Hash
a4b3f509e79c54a512b890d73235ef04
1be37b62306c8c0c6775bb4c93c5e4c4e13d9775
f886516f3d41e9e7bd994c7f7a39a89cafae9483f90396cb0ddeafe8d1ea5e72

HTTP Headers

GET /npm/bootstrap@4.6.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.2
x-jsd-version-type: version
etag: W/"279d8-G+N7YjBsjAxndbtMk8XkxOE9l3U"
content-encoding: br
accept-ranges: bytes
date: Tue, 26 Sep 2023 00:07:26 GMT
age: 16239461
x-served-by: cache-fra-eddf8230063-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26373
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65299)
Size
24 kB (23636 bytes)
Hash
a0805bca912ec901f2a7096228b62d46
3233fd01d87fba457eaad8dcbc289f75b170f814
19126b874a32753d42c12dfa6c17892bfd93820a5a5100ba1b34da4d07599b49

HTTP Headers

GET /npm/bootstrap@4.6.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.2
x-jsd-version-type: version
etag: W/"145b0-MjP9Adh/ukV+qtjcvCifdbFw+BQ"
content-encoding: br
accept-ranges: bytes
date: Tue, 26 Sep 2023 00:07:26 GMT
age: 14423222
x-served-by: cache-fra-eddf8230069-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23636
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/jquery@3.5.1/dist/jquery.slim.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65245)
Size
26 kB (26139 bytes)
Hash
fb8409a092adc6e8be17e87d59e0595e
cf8d9821552d51bb50ce572e696aba1309065800
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db

HTTP Headers

GET /npm/jquery@3.5.1/dist/jquery.slim.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 3.5.1
x-jsd-version-type: version
etag: W/"11abc-z42YIVUtUbtQzlcuaWq6EwkGWAA"
content-encoding: br
accept-ranges: bytes
date: Tue, 26 Sep 2023 00:07:26 GMT
age: 7923292
x-served-by: cache-fra-eddf8230022-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26139
X-Firefox-Spdy: h2

images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp

143.204.55.79

200 OK

52 kB

URL GET HTTP/2
images.ctfassets.net/9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp
IP
143.204.55.79:443
ASN
#16509 AMAZON-02

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerAmazon
Subjectimages.ctfassets.net
FingerprintCA:D7:EE:33:97:78:A0:CF:39:CA:40:DF:F5:6A:02:B4:28:F4:89:27
ValidityTue, 28 Feb 2023 00:00:00 GMT - Fri, 16 Feb 2024 23:59:59 GMT

File type
RIFF (little-endian) data, Web/P image\012- data
Size
52 kB (52080 bytes)
Hash
e0b964ce8a22e37761e5c42b18cb810d
e57271a70e23f87d190556582831c2f91fd4a468
0a7b892b315f0dfecb0edfe9948c2925ebe11e6bb5b0c667bf870ff6ae84772c

HTTP Headers

GET /9sy2a0egs6zh/5n9UZwFnPyMTphfiT6SDMv/67001204dd8d16fa99070e902c512b9c/home-hero.png?w=1920&q=100&fm=webp HTTP/1.1
Host: images.ctfassets.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/webp
content-length: 52080
last-modified: Fri, 08 Sep 2023 06:00:27 GMT
server: Contentful Images API
access-control-allow-origin: *
date: Mon, 25 Sep 2023 09:50:24 GMT
cache-control: max-age=31536000
etag: "e0b964ce8a22e37761e5c42b18cb810d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VtGJzvhAULKEV7H3pyPJvWfpkZyETDbEPHVuEDH18bG1X_miOIZSCA==
age: 51422
X-Firefox-Spdy: h2

metamask.io.creative-erp.ro/mywallet/style/mm-logo.svg

185.179.159.0

200 OK

3.2 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/mm-logo.svg
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1001), with CRLF line terminators
Size
3.2 kB (3215 bytes)
Hash
7915373f26761992664272083eef55af
7b69d64a0ff01d6b0cf0b95558349e83ee4d0698
4ad9d7c985fe9bc858d79cfe642d805da47e0fe84ea092acaab8691e20ad8670

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/mm-logo.svg HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/svg+xml
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "2f1a-6432bb48-d889dda319365a11;br"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 3215
date: Tue, 26 Sep 2023 00:07:26 GMT

metamask.io.creative-erp.ro/mywallet/style/dapp-aave.png

185.179.159.0

200 OK

14 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-aave.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
14 kB (14347 bytes)
Hash
521a00d54b7fe1cb1d7712b655ca54a6
8c5aa52335bf25183781e62843ede770bf6877ba
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-aave.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "380b-6432bb48-df49d1af768c0949;;;"
accept-ranges: bytes
content-length: 14347
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-axieinfinity.png

185.179.159.0

200 OK

43 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-axieinfinity.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
43 kB (42713 bytes)
Hash
5f662391fe3ddc927134ba8e15263eaf
ab5ea7aacdc8c97238247f59761abc02033b2a67
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-axieinfinity.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "a6d9-6432bb48-3ad6aac32db02f37;;;"
accept-ranges: bytes
content-length: 42713
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-compound.png

185.179.159.0

200 OK

11 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-compound.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11355 bytes)
Hash
3818f9cfccbd94fad91a10d3c5ee356c
7c6af849177aa8bf6ef9bcbf801dc375e1997900
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-compound.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "2c5b-6432bb48-9eb09f14c3ae7a3c;;;"
accept-ranges: bytes
content-length: 11355
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-gitcoin.png

185.179.159.0

200 OK

8.0 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-gitcoin.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
8.0 kB (7998 bytes)
Hash
c710e9a5c39e89136a73edf0a1c99abe
aca40362b7d87533d00250e102ba852d19e2231c
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-gitcoin.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "1f3e-6432bb48-e090eb2646527214;;;"
accept-ranges: bytes
content-length: 7998
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-maker.png

185.179.159.0

200 OK

6.9 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-maker.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.9 kB (6852 bytes)
Hash
720871ca002e89a10d26e5c516066311
8648fe12645cd5c3473a73faba1d42cef78de444
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-maker.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "1ac4-6432bb48-272cef953ef3ca17;;;"
accept-ranges: bytes
content-length: 6852
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-opensea.png

185.179.159.0

200 OK

6.5 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-opensea.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
6.5 kB (6533 bytes)
Hash
f82776f839cec899c9c87a680226aabf
43f5dedb6216cb02ee568fcb66cb19fc296c3a85
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-opensea.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "1985-6432bb48-42e9d0c73deb07c;;;"
accept-ranges: bytes
content-length: 6533
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-rarible.png

185.179.159.0

200 OK

6.8 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-rarible.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 560 x 560, 8-bit/color RGBA, non-interlaced\012- data
Size
6.8 kB (6840 bytes)
Hash
b9f7c0fd11c34c044799e673947103f8
491baab057af39b2b24bf0c671d0eb05454b8c48
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-rarible.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "1ab8-6432bb48-6cc27356964e810d;;;"
accept-ranges: bytes
content-length: 6840
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/img/metamask.gif

185.179.159.0

200 OK

227 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/img/metamask.gif
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
GIF image data, version 89a, 800 x 600\012- data
Size
227 kB (227301 bytes)
Hash
7dd0cbc9a551a2523d7b76146f165a4c
1a4f06c02a2dc89d08be77ef5a6be567d3a30778
9ec6ee31fdde5527af232cadd6f6a3e4b392e569db2841ad50a078145aedcb69

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/img/metamask.gif HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/gif
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "377e5-6432bb48-c6b9a35dd1475aa2;;;"
accept-ranges: bytes
content-length: 227301
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/dapp-uniswap.png

185.179.159.0

200 OK

10 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/dapp-uniswap.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 280 x 280, 8-bit/color RGBA, non-interlaced\012- data
Size
10 kB (10268 bytes)
Hash
1948962ad395727d902bd6b5fcd01807
f7e85e096b084ef6d9f550afbcd702fd889031a5
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/dapp-uniswap.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:26 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "281c-6432bb48-240a8dc7d525f9b6;;;"
accept-ranges: bytes
content-length: 10268
date: Tue, 26 Sep 2023 00:07:26 GMT
vary: User-Agent

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
ca3afb7df10c01fb4a7514ea3f1493e1
7b234d99c8683384c389995c31d4b60b65ae8c53
d2c2bf4568670b4bce7bb07cdc36f0df66139b5eef889b07519607556dab1a53

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 00:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Changa+One:400,400italic

142.250.74.106

200 OK

783 B

URL GET HTTP/2
fonts.googleapis.com/css?family=Changa+One:400,400italic
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
gzip compressed data, max compression\012- data
Size
783 B (783 bytes)
Hash
607e79bc842a3e97ba43fdd08f4b624b
16f00e00ebc6272a8435cc53792ae504a0049865
469854407bf0868c3aa5fbc141f7fe4df5be815b9d363d453d95068b0bb4a363

HTTP Headers

GET /css?family=Changa+One:400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 26 Sep 2023 00:07:27 GMT
date: Tue, 26 Sep 2023 00:07:27 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.korzh.com/metroui/v4/css/metro-all.min.css

104.21.5.183

200 OK

143 kB

URL GET HTTP/2
cdn.korzh.com/metroui/v4/css/metro-all.min.css
IP
104.21.5.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectkorzh.com
Fingerprint14:3B:65:7B:97:6A:D2:B7:63:1B:07:04:89:79:D7:3A:28:3A:56:5A
ValidityMon, 21 Aug 2023 08:17:11 GMT - Sun, 19 Nov 2023 08:17:10 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
143 kB (142818 bytes)
Hash
dacd709784b48787b7c485b81ae093a9
7bcad27d2ca2388bb6e9bca6785517d37cdaee3c
71b89b7b33c2bf74226df233797bb3c3de96e762ccf20a0ea70c40e0250b3246

HTTP Headers

GET /metroui/v4/css/metro-all.min.css HTTP/1.1
Host: cdn.korzh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 00:07:26 GMT
content-type: text/css
last-modified: Thu, 01 Sep 2022 15:49:20 GMT
etag: W/"30401b0-104aa1-8e7e2000"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: Content-Type
cache-control: max-age=31536000
cf-cache-status: HIT
age: 1926
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zXcINq%2FN8BuFMizCCfogNh8x0PqLREXxiYcoRX2fDxSLoXVkac4bHbjW44wBdFhC%2BQ025g7BdiiEs7TjJxuZoB2vn5PelMIfCzIPsb3dwWvEiPPgCyWhyrwoeoJYU%2BBz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c74447184a56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

metamask.io.creative-erp.ro/mywallet/style/favicon.png

185.179.159.0

200 OK

1.5 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/favicon.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1532 bytes)
Hash
b7919ea38a8beed9b4763858c4f7412b
1aa57bcd7ca8a0c3352923c9ee06c472f23d5b63
214080adac9969108cb602cb68617e332db1288e95e18c29c10f9396c6d3744c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/favicon.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:27 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "5fc-6432bb48-4fa4c254506c4611;;;"
accept-ranges: bytes
content-length: 1532
date: Tue, 26 Sep 2023 00:07:27 GMT
vary: User-Agent

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 00:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 00:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 00:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 00:07:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v20/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 18:12:39 GMT
expires: Sat, 21 Sep 2024 18:12:39 GMT
cache-control: public, max-age=31536000
age: 280488
last-modified: Thu, 24 Aug 2023 21:10:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v20/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 18:12:39 GMT
expires: Sat, 21 Sep 2024 18:12:39 GMT
cache-control: public, max-age=31536000
age: 280488
last-modified: Thu, 24 Aug 2023 20:56:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2

216.58.207.227

200 OK

7.9 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 7900, version 1.0\012- data
Size
7.9 kB (7900 bytes)
Hash
61e86e7a20ecf3ba181ca4b9a9a1cdbd
482a65cffc69109af26669d64accbef71db3b836
fbd0536d5b92c0dbe6ad2637800ae8da10c20755b564a3575bd12bba57f73b18

HTTP Headers

GET /s/changaone/v18/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7900
date: Tue, 26 Sep 2023 00:07:27 GMT
expires: Wed, 25 Sep 2024 00:07:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 17:15:19 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2

216.58.207.227

200 OK

8.4 kB

URL GET HTTP/2
fonts.gstatic.com/s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint3D:35:56:30:C0:0F:0C:7F:20:BA:7D:A8:48:DB:24:1B:15:F5:48:27
ValidityMon, 04 Sep 2023 08:23:09 GMT - Mon, 27 Nov 2023 08:23:08 GMT

File type
Web Open Font Format (Version 2), TrueType, length 8404, version 1.0\012- data
Size
8.4 kB (8404 bytes)
Hash
141119ae119bf7ca75e10ef82f66e442
adebf435aa078db3c116cb9faae15f2ad81d3ac5
c6afeb967afd466210e4061473c4855684e84b7e850b248c0533e6288acfbaff

HTTP Headers

GET /s/changaone/v18/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-type: font/woff2
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8404
date: Tue, 26 Sep 2023 00:07:27 GMT
expires: Wed, 25 Sep 2024 00:07:27 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 21 Apr 2022 17:15:41 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

metamask.io.creative-erp.ro/mywallet//ws

185.179.159.0

708 B

URL
metamask.io.creative-erp.ro/mywallet//ws
IP
185.179.159.0:0
ASN
#50937 Tes Euro Media SRL

Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet//ws HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://metamask.io.creative-erp.ro
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2A1tYlAE4/pJz0D9zAA3tA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Tue, 26 Sep 2023 00:07:27 GMT
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
178dd930993366d9bb01d73e2960a0c5
8b316934e079b21ca97a190c864b937c00c677a6
41a94531c3c30183ccecbebd35c18f2e201bcfd8c8184d579725bb5124971baf

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 00:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47

151.101.193.229

200 OK

121 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
Web Open Font Format (Version 2), TrueType, length 121296, version 1.0\012- data
Size
121 kB (121296 bytes)
Hash
7f477633ddd12f84284654f2a2e89b8a
17dad0776899ad1beadabd061c34e2a22b2cde74
966620f9e3bec428663687f9e8d67a6b8e35d79adebf6fb204e9b139eada7599

HTTP Headers

GET /npm/bootstrap-icons@1.10.3/font/fonts/bootstrap-icons.woff2?24e3eb84d0bcaf83d77f904c78ac1f47 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://metamask.io.creative-erp.ro
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
x-jsd-version: 1.10.3
x-jsd-version-type: version
etag: W/"1d9d0-F9rQd2iZrRvq2r0GHDTioiss3nQ"
accept-ranges: bytes
date: Tue, 26 Sep 2023 00:07:29 GMT
age: 1791829
x-served-by: cache-fra-etou8220101-FRA, cache-bma1651-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 121296
X-Firefox-Spdy: h2

metamask.io.creative-erp.ro/mywallet/style/EuclidCircularB-Regular-WebXL.woff2

185.179.159.0

200 OK

45 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/EuclidCircularB-Regular-WebXL.woff2
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
Web Open Font Format (Version 2), TrueType, length 45196, version 3.66\012- data
Size
45 kB (45196 bytes)
Hash
2d75957df3bb3aa6ed84f6591b0d5a1a
906424e75625f63b0188471067065794d0348536
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/EuclidCircularB-Regular-WebXL.woff2 HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/style/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:29 GMT
content-type: font/woff2
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "b08c-6432bb48-cf2501cbd63079a6;;;"
accept-ranges: bytes
content-length: 45196
date: Tue, 26 Sep 2023 00:07:29 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/EuclidCircularB-Bold-WebXL.woff2

185.179.159.0

200 OK

44 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/EuclidCircularB-Bold-WebXL.woff2
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
Web Open Font Format (Version 2), TrueType, length 44544, version 3.66\012- data
Size
44 kB (44544 bytes)
Hash
9024d0bf73943172297c4628d0054e20
36c3795e7b297d06589e15ef59592683d9ed0974
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/EuclidCircularB-Bold-WebXL.woff2 HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/style/metamask-staging-2.webflow.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:29 GMT
content-type: font/woff2
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "ae00-6432bb48-a1799fcccc77035b;;;"
accept-ranges: bytes
content-length: 44544
date: Tue, 26 Sep 2023 00:07:29 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/style/webclip.png

185.179.159.0

200 OK

12 kB

URL GET HTTP/3
metamask.io.creative-erp.ro/mywallet/style/webclip.png
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (11764 bytes)
Hash
48400a28770e10dd52a8c0e539aeb282
151bcd0c431ed79f30193731de564106a5b11956
27712ebee35bae5474f124f7cbf6cb2ca60d5121e561d284c9f11a4e69efd663

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/style/webclip.png HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/mywallet/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Tue, 03 Oct 2023 00:07:27 GMT
content-type: image/png
last-modified: Sun, 09 Apr 2023 13:19:04 GMT
etag: "2df4-6432bb48-1e33cd45845fbe48;;;"
accept-ranges: bytes
content-length: 11764
date: Tue, 26 Sep 2023 00:07:27 GMT
vary: User-Agent

metamask.io.creative-erp.ro/mywallet/

185.179.159.0

200 OK

19 kB

URL User Request GET HTTP/2
metamask.io.creative-erp.ro/mywallet/
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type

Size
19 kB (18715 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet/ HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/8.1.22
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding,User-Agent
date: Tue, 26 Sep 2023 00:07:25 GMT
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

cdn.korzh.com/metroui/v4/js/metro.min.js

104.21.5.183

200 OK

623 kB

URL GET HTTP/2
cdn.korzh.com/metroui/v4/js/metro.min.js
IP
104.21.5.183:443
ASN
#13335 CLOUDFLARENET

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectkorzh.com
Fingerprint14:3B:65:7B:97:6A:D2:B7:63:1B:07:04:89:79:D7:3A:28:3A:56:5A
ValidityMon, 21 Aug 2023 08:17:11 GMT - Sun, 19 Nov 2023 08:17:10 GMT

File type

Size
623 kB (623070 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet

HTTP Headers

GET /metroui/v4/js/metro.min.js HTTP/1.1
Host: cdn.korzh.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://metamask.io.creative-erp.ro/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 00:07:26 GMT
content-type: application/x-javascript
last-modified: Thu, 01 Sep 2022 15:49:20 GMT
etag: W/"30401c8-981de-8e7e2000"
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS,DELETE,PUT
access-control-allow-headers: Content-Type
cache-control: max-age=31536000
cf-cache-status: HIT
age: 249
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGZUKsWMva0xZn1thagLNQmH604qgj1kC1ZJHgarL5TJrVynsnanO7YDoHqw2Th%2F7EpYtmKxX3Fd4cztPMlP8aqG86VLphx8MY%2BYzxtUGzRETqSyfCMZ0uqu48FPN%2FjJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80c74447284f56ab-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

metamask.io.creative-erp.ro/mywallet//ws

185.179.159.0

404 Not Found

0 B

URL GET HTTP/1.1
metamask.io.creative-erp.ro/mywallet//ws
IP
185.179.159.0:443
ASN
#50937 Tes Euro Media SRL

Requested by
https://metamask.io.creative-erp.ro/mywallet/
Certificate
IssuerLet's Encrypt
Subjectcreative-erp.ro
FingerprintDF:28:DF:11:85:46:BD:40:36:C3:F7:8A:DF:DE:E1:6F:88:7B:CC:3E
ValidityThu, 21 Sep 2023 14:39:02 GMT - Wed, 20 Dec 2023 14:39:01 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Generic Crypto/Wallet
OpenPhish	phishing	Crypto/Wallet

HTTP Headers

GET /mywallet//ws HTTP/1.1
Host: metamask.io.creative-erp.ro
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://metamask.io.creative-erp.ro
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2A1tYlAE4/pJz0D9zAA3tA==
DNT: 1
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 404 Not Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Tue, 26 Sep 2023 00:07:27 GMT
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by