www.metamask-restore.online Open in urlscan Pro
104.219.248.88  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response www.metamask-restore.online/	4 KB 2 KB	531ms 169ms	Document text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash bd75626f005bcd21e2fe586ba437313c1d32ff675086f2ae860f7dcef2e09d77 Request headers :method GET :authority www.metamask-restore.online :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT server Apache last-modified Sat, 15 May 2021 20:57:12 GMT accept-ranges bytes vary Accept-Encoding content-encoding gzip content-length 1587 content-type text/html
GET H2	200	normalize.css www.metamask-restore.online/css/	8 KB 3 KB	168ms 167ms	Stylesheet text/css	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/css/normalize.css Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash 37743dc1ed092a174e95bd76c66f1a2e332d491882f1091627388cb7e490ca1e Request headers :path /css/normalize.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.metamask-restore.online referer https://www.metamask-restore.online/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 09:56:40 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 2659
GET H2	200	webflow.css www.metamask-restore.online/css/	38 KB 9 KB	171ms 170ms	Stylesheet text/css	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/css/webflow.css Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash 69b69addbb8631e7a4b9e0c7a140841691812ed7a9378f3eed9d3c1fe31c1803 Request headers :path /css/webflow.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.metamask-restore.online referer https://www.metamask-restore.online/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 09:59:34 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 9269
GET H2	200	metamask-staging.webflow.css www.metamask-restore.online/css/	96 KB 13 KB	317ms 317ms	Stylesheet text/css	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/css/metamask-staging.webflow.css Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash 5fec6a29501f86712d4c0e28988d2be5bb807d60526022e0cc61d68021766fc0 Request headers :path /css/metamask-staging.webflow.css pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept text/css,*/*;q=0.1 cache-control no-cache sec-fetch-dest style :authority www.metamask-restore.online referer https://www.metamask-restore.online/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 11:28:52 GMT server Apache vary Accept-Encoding content-type text/css accept-ranges bytes content-length 12719
GET H2	200	webfont.js Show response ajax.googleapis.com/ajax/libs/webfont/1.6.26/	13 KB 6 KB	25ms 6ms	Script text/javascript	2a00:1450:4001:802::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 18:04:38 GMT content-encoding gzip x-content-type-options nosniff age 10701 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 5437 x-xss-protection 0 last-modified Tue, 03 Mar 2020 19:15:00 GMT server sffe vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sun, 15 May 2022 18:04:38 GMT
GET H2	200	mm-logo.svg www.metamask-restore.online/images/	12 KB 3 KB	166ms 165ms	Image image/svg+xml	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.metamask-restore.online/images/mm-logo.svg Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b Request headers :path /images/mm-logo.svg pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.metamask-restore.online referer https://www.metamask-restore.online/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT content-encoding gzip last-modified Tue, 02 Mar 2021 11:23:04 GMT server Apache vary Accept-Encoding content-type image/svg+xml accept-ranges bytes content-length 3369
GET H2	200	jquery-3.5.1.min.dc5e7f18c8.js Show response d3e54v103j8qbb.cloudfront.net/js/	87 KB 31 KB	502ms 435ms	Script application/javascript	99.86.245.9 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=5fd1a30a78e29a0936f57bd9 Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 99.86.245.9 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-99-86-245-9.vie50.r.cloudfront.net Software AmazonS3 / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Request headers Origin https://www.metamask-restore.online Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:03:00 GMT content-encoding gzip last-modified Mon, 20 Jul 2020 17:53:02 GMT server AmazonS3 x-amz-cf-pop VIE50-C1 etag W/"dc5e7f18c8d36ac1d3d4753a87c98d0a" vary Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method access-control-allow-methods GET content-type application/javascript access-control-allow-origin * access-control-max-age 3000 cache-control max-age=84600, must-revalidate x-cache Miss from cloudfront x-amz-cf-id YbrQKYWB9XZqC3Eg6ORhOY-0LNZ-VC-xPZX3AdeugL-fIi3r62uA2A== via 1.1 b48fca327a980187d93a198e7530195c.cloudfront.net (CloudFront)
GET H2	404	webflow.js www.metamask-restore.online/js/	0 0	167ms 166ms	Script text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/js/webflow.js Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash Request headers :path /js/webflow.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.metamask-restore.online referer https://www.metamask-restore.online/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	css fonts.googleapis.com/	752 B 797 B	34ms 15ms	Stylesheet text/css	2a00:1450:4001:82f::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Changa+One:400,400italic Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sat, 15 May 2021 20:32:06 GMT server ESF date Sat, 15 May 2021 21:02:59 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sat, 15 May 2021 21:02:59 GMT
GET H2	200	hero2.2.png www.metamask-restore.online/images/	576 KB 576 KB	171ms 170ms	Image image/png	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Show image Full URL https://www.metamask-restore.online/images/hero2.2.png Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/css/metamask-staging.webflow.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash 3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1 Request headers :path /images/hero2.2.png pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority www.metamask-restore.online referer https://www.metamask-restore.online/css/metamask-staging.webflow.css :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/css/metamask-staging.webflow.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT last-modified Tue, 02 Mar 2021 11:28:24 GMT server Apache accept-ranges bytes content-length 589568 content-type image/png
GET H2	404	EuclidCircularB-Regular-WebXL.woff2 www.metamask-restore.online/fonts/	0 0	170ms 170ms	Font text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/fonts/EuclidCircularB-Regular-WebXL.woff2 Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/css/metamask-staging.webflow.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash Request headers :path /fonts/EuclidCircularB-Regular-WebXL.woff2 pragma no-cache origin https://www.metamask-restore.online accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.metamask-restore.online referer https://www.metamask-restore.online/css/metamask-staging.webflow.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.metamask-restore.online Referer https://www.metamask-restore.online/css/metamask-staging.webflow.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	EuclidCircularB-Bold-WebXL.woff2 www.metamask-restore.online/fonts/	0 0	460ms 460ms	Font text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/fonts/EuclidCircularB-Bold-WebXL.woff2 Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/css/metamask-staging.webflow.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash Request headers :path /fonts/EuclidCircularB-Bold-WebXL.woff2 pragma no-cache origin https://www.metamask-restore.online accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.metamask-restore.online referer https://www.metamask-restore.online/css/metamask-staging.webflow.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.metamask-restore.online Referer https://www.metamask-restore.online/css/metamask-staging.webflow.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	200	xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 fonts.gstatic.com/s/changaone/v13/	8 KB 8 KB	25ms 6ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/changaone/v13/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.metamask-restore.online Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 15:36:22 GMT x-content-type-options nosniff last-modified Tue, 01 Sep 2020 04:39:55 GMT server sffe age 192397 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 7924 x-xss-protection 0 expires Fri, 13 May 2022 15:36:22 GMT
GET H2	200	xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 fonts.gstatic.com/s/changaone/v13/	8 KB 8 KB	23ms 7ms	Font font/woff2	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/changaone/v13/xfu20W3wXn3QLUJXhzq42ATSu5_f.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Changa+One:400,400italic Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Origin https://www.metamask-restore.online Referer https://fonts.googleapis.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Thu, 13 May 2021 22:39:16 GMT x-content-type-options nosniff last-modified Tue, 01 Sep 2020 04:36:56 GMT server sffe age 167023 content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 8364 x-xss-protection 0 expires Fri, 13 May 2022 22:39:16 GMT
GET H2	404	EuclidCircularB-Regular-WebXL.woff www.metamask-restore.online/fonts/	0 0	447ms 447ms	Font text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/fonts/EuclidCircularB-Regular-WebXL.woff Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/css/metamask-staging.webflow.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash Request headers :path /fonts/EuclidCircularB-Regular-WebXL.woff pragma no-cache origin https://www.metamask-restore.online accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.metamask-restore.online referer https://www.metamask-restore.online/css/metamask-staging.webflow.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.metamask-restore.online Referer https://www.metamask-restore.online/css/metamask-staging.webflow.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:02:59 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	EuclidCircularB-Bold-WebXL.woff www.metamask-restore.online/fonts/	0 0	445ms 444ms	Font text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/fonts/EuclidCircularB-Bold-WebXL.woff Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/css/metamask-staging.webflow.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash Request headers :path /fonts/EuclidCircularB-Bold-WebXL.woff pragma no-cache origin https://www.metamask-restore.online accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode cors accept */* cache-control no-cache sec-fetch-dest font :authority www.metamask-restore.online referer https://www.metamask-restore.online/css/metamask-staging.webflow.css :scheme https sec-fetch-site same-origin :method GET Origin https://www.metamask-restore.online Referer https://www.metamask-restore.online/css/metamask-staging.webflow.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:03:00 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1
GET H2	404	webflow.js www.metamask-restore.online/js/	0 0	338ms 337ms	Script text/html	104.219.248.88 NAMECHEAP-NET
General Check archive.org Show headers Download Go to Full URL https://www.metamask-restore.online/js/webflow.js Requested by Host: www.metamask-restore.online URL: https://www.metamask-restore.online/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.219.248.88 , United States, ASN22612 (NAMECHEAP-NET, US), Reverse DNS server135-2.web-hosting.com Software Apache / Resource Hash Request headers :path /js/webflow.js pragma no-cache accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept */* cache-control no-cache sec-fetch-dest script :authority www.metamask-restore.online referer https://www.metamask-restore.online/ :scheme https sec-fetch-site same-origin :method GET Referer https://www.metamask-restore.online/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Sat, 15 May 2021 21:03:00 GMT server Apache content-length 315 content-type text/html; charset=iso-8859-1

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| WebFont function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
www.metamask-restore.online
104.219.248.88
2a00:1450:4001:802::200a
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2003
99.86.245.9
37743dc1ed092a174e95bd76c66f1a2e332d491882f1091627388cb7e490ca1e
3972064b60cc8d60061f5aa93b943dc54428f6c29e897f1488d75fb2d5671407
3f4bfc7c6cc471e9d95936dc109852c4f6a4bf1163b63eeabfe840565d5ad8d1
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
5fec6a29501f86712d4c0e28988d2be5bb807d60526022e0cc61d68021766fc0
69b69addbb8631e7a4b9e0c7a140841691812ed7a9378f3eed9d3c1fe31c1803
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
9c6596dccd4b15e7ab0a21d6b35c75d0f0531d258f342869890165ac974706b3
bd75626f005bcd21e2fe586ba437313c1d32ff675086f2ae860f7dcef2e09d77
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d