clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu Open in urlscan Pro
2606:4700:3035::6815:45e9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/
Submission: On January 31 via api (January 31st 2023, 3:10:42 pm UTC) from US — Scanned from US

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 11 HTTP transactions. The main IP is 2606:4700:3035::6815:45e9, located in United States and belongs to CLOUDFLARENET, US. The main domain is clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu.

This is the only time clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address		AS Autonomous System
11	2606:4700:303... 2606:4700:3035::6815:45e9		13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	1

11 2606:4700:3035::6815:45e9 (United States)

ASN13335 (CLOUDFLARENET, US)

clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu	75 KB
11	1

	Domain	Requested by
11	clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu	clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu
11	1

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 1 frames:

Primary Page: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/
Frame ID: 86BDB72D236808995D671A4EDF4E8B9F
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaMask

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

390 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/	210 KB 24 KB	276ms 225ms	Document text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `9dc1d0f5abbe9559d7803026159b0687533fe2e03da3ff47b3e70c8606f54204` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language en-US,en;q=0.9 Response headers CF-Cache-Status DYNAMIC CF-RAY 79235ffd98ae1829-EWR Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 31 Jan 2023 15:10:35 GMT NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qiAX7kSPN6GMUyu3qPbbabpw3cKujl7hIpaNcDMuHQwVPwEc0OJW0rQHQFsMddzt5H0lzW%2FpSJpoKwiiRT0lOYBSOpvk6asOdLDv%2FMF1z6Lm2%2BAyXcD%2FyZreudr3I6R5LKEgFSw%2Br8EHkY0Lg%2BbTlzqAajiuY8558aoKRp2w9DNeuW5NOvqQuwis3SEue9d2aFLvulw%3D"}],"group":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 last-modified Tue, 29 Nov 2022 17:00:45 GMT vary Accept-Encoding
GET H/1.1	200 OK	.-9245-jquery-3.6.0.min.js Show response clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/js/	87 KB 31 KB	296ms 267ms	Script application/x-javascript	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/js/.-9245-jquery-3.6.0.min.js Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e` Request headers accept-language en-US,en;q=0.9 Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 15:10:35 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 30947 last-modified Tue, 28 Jun 2022 05:02:34 GMT Server cloudflare etag "15d9d-62ba8b6a-c2f9f;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wBhyKFLq5h3g3ZGP56S%2Bwh7Jc07Pc9mPsHeS4P4Ar67Cn8EOWtzFb%2F6ogJsFSJgPNhAKXLNi%2Bk97jtSnf16gveV%2FivLMSr3MW3As6Nq6jPGExQcp9Iro6UCtWvTyX2VPKd2aEtfIkXC2haelPBh7WQ57lo6IaFKjKhWCfVX%2BMKo5FZ5fBAThBDPx0f%2B%2Bpqkq5t7Awvw%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 Accept-Ranges bytes CF-RAY 79235fff7c231829-EWR expires Tue, 07 Feb 2023 15:10:35 GMT
GET H/1.1	200 OK	.-5122-logo.js Show response clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/js/	78 KB 13 KB	270ms 269ms	Script application/x-javascript	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/js/.-5122-logo.js Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `bfefca810b4d336318e4efee744dc69321a39e3df3e9c5889e2038720c08ac12` Request headers accept-language en-US,en;q=0.9 Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 15:10:35 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 12280 last-modified Tue, 28 Jun 2022 05:02:36 GMT Server cloudflare etag "1378a-62ba8b6c-c2fa1;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBH2XGwoxWgVJW27d2Gh94H4YsrtEr6oVfMOtpMEomizCSzrisEAgHF8YbI4GcBpelyyCww6nCQwnP0t3damnI6eqetgZRIKEZgjboqSO9zBh8oXsX56OhN3VhKMGN%2BOqBetcyacGhWTJ4hoUhbVQLVHBBuiRBLfEWRkKTXwXvye8LyJJvSkRlXTO98v0vTDRZP%2FwAw%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 Accept-Ranges bytes CF-RAY 79235fff8d0619d7-EWR expires Tue, 07 Feb 2023 15:10:35 GMT
GET H/1.1	200 OK	.-5737-logo_after.js Show response clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/js/	15 KB 7 KB	244ms 219ms	Script application/x-javascript	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/js/.-5737-logo_after.js Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e88ef73d4e2c14a59e97dbc8f4fd627fc396a9a89bf2ef7d3bcc874b1f30cded` Request headers accept-language en-US,en;q=0.9 Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Date Tue, 31 Jan 2023 15:10:35 GMT content-encoding gzip CF-Cache-Status MISS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Connection keep-alive alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 Content-Length 6186 last-modified Tue, 28 Jun 2022 05:02:36 GMT Server cloudflare etag "3ad8-62ba8b6c-c2fa0;gz" vary Accept-Encoding Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I%2Bx5Ik9zpi5jSyzeE1G8VT%2B77jCABWrgdJlnhIF53SuPVTGLf7LWWN4006WXlOddFoH%2B0oXODM5iDhk%2BcOfIhxjEhQVpeg1DKFzFrMLdHyDmee4hNVqg%2F%2Bdo3N0uwWGUYRy5OzsPKS0AVNt2j3xCkutU%2BJTlDQLc6%2Fwc%2BMPgQzYqc%2FkzN%2BzmI372qTx%2FFhkIn%2BBt8pI%3D"}],"group":"cf-nel","max_age":604800} Content-Type application/x-javascript cache-control public, max-age=604800 Accept-Ranges bytes CF-RAY 79235fffa8eff021-EWR expires Tue, 07 Feb 2023 15:10:35 GMT
GET H/1.1	404 Not Found	EuclidCircularB-Bold-WebXL.ttf clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/fonts/	0 0	187ms 186ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/fonts/EuclidCircularB-Bold-WebXL.ttf Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:35 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YI1DWJfjmIRMMFftk1INiGKcDYpW%2BKwkdat8MJfU5ouiOYozUWALNTgUOB5NYATDIvpvp1o1gl1vEdYtAuFxBdjKXrL%2B1m7W6ot%2FWWsqI9IqpqXut0V%2BzTWVk7vnvAGh81FepRPjhuo5LKrkF8wJ0AzD%2F%2FYV1PJUMOJUGVCy7VmCUcS8zIpdDLv1Pg%2BzTdYrPDmOTwE%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 79236001a96f19d7-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	EuclidCircularB-Regular-WebXL.ttf clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/fonts/	0 0	194ms 193ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/fonts/EuclidCircularB-Regular-WebXL.ttf Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:35 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VPTlGXOdXS4fwMphUW6HOVsM1fjqXhGaZT3AYXnaoyZdWUBKc8j0RpRWEIwwAAOk9Ai9KfkEQCUvXuU0%2FnmyKPrTyLolUFIheyTxjoNkjzzBNyjZ%2BIOZltMtRZqfMM5ylLaLME4XAlGKZBPt%2FxmRk6WqWOLoUWNfd5KhJ9Bebed8UOR3QCF0Nb%2Fev6nnBg62oNgehQs%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 79236001afdb1829-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/	0 0	203ms 202ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:35 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dM7ypFMHl68ZT5IXIWVUGFinp22IHisref4EXIdXiQg8J6huFZkeIkZQoQWinS%2FsE6wyNuelJsHv%2BE4w1vqrnKQCBwI4iiyusNqIyrvRWk65a7Sf9vWpU3Ml40KDzATKbrCVGUbPbm5Izgcn69B8%2BR2t05RsoG8Axbnreo8ond6FzYdLuv1DtEw8u5byRUYVDcV42C4%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 79236001ab1cf021-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/	0 0	243ms 218ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:35 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gGnTNwn%2BHfh8Pqd2wRXt9Bm69dhH7ySQZos1KXYkDfIptnrR20QFZznULMocxwyOADxYKBg%2Bt4wPoIkxjIoqpopGo9CiCM%2FOVsWKh7QRcBZhfjixy6iK%2B4Y4KzY0%2FTTy5Y%2BJ%2BEF%2Fhgg9dHcP80tGgYM6ucx7xxeLUZkF4%2BXNzy%2F8iUuZ7TWP3Aeyvr2H2kubtEGutqI%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 79236001ce1c1978-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/	0 0	194ms 194ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:36 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hWw9BrmYdSM3cKuEC8zSZIXCWVr2aV%2Ff7rw6d5ble6g%2F0RgGKZndOwQYxZ4V6RzWQVCNVG8Qq1PwITV8goRH64gGMI53aWFtDO1yiAGbvxs2%2FvTcAqgWLGk9kHZIRblWRD1piEmQUGEVQFu5zRnexyE1cxiAQnGC2EH4W0Ychgd%2Bf58iNwGJ%2BOks9YEYx87a43dFzv8%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 79236002da041829-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/	0 0	196ms 195ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:36 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VviLlGa5marzEO%2BfatewiH2sL13BkQjUhIRKeHv7Ucm1HXeICs7sk5fmgGc37ShAnVgpjdI%2BTyYtGGzkwIixvdiNJ2%2BvfvH7DW3%2BXuadeNBR2qglFs82N84jUCNoqnaeFDspaZ0LxxflVndx3umtefvTDeqc4CLMzTD4V%2FiV%2Bw8rkOOJkR4WO0IGCQ4CXWimYN4rDk%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 79236002eb8f19d7-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H/1.1	404 Not Found	KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/	0 0	216ms 216ms	Font text/html	2606:4700:3035::6815:45e9 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff Requested by Host: clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Protocol HTTP/1.1 Server 2606:4700:3035::6815:45e9 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/ Origin http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers pragma no-cache Date Tue, 31 Jan 2023 15:10:36 GMT Content-Encoding gzip CF-Cache-Status BYPASS NEL {"success_fraction":0,"report_to":"cf-nel","max_age":604800} Server cloudflare Transfer-Encoding chunked vary Accept-Encoding Content-Type text/html Report-To {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qu3waNY4hTi7zU0gwWWaPcSCKnZo8voxjXDSTHAFGeu9FIgmNeiqHm9ns1pMG7vTbG00hGwMfThTwRHeJr7RwPiRRwTMoAmsXlI31Palfvl9OBt%2Fb%2FMPSflVrVuU1XjTBMYzud%2Bd8sPE4xZ7MAKfsGsye0L0rKdVhNy8PvtI%2FtUDI%2B3jdEfnJurRn1eL9pTQGSOTik0%3D"}],"group":"cf-nel","max_age":604800} cache-control private, no-cache, max-age=0 Connection keep-alive CF-RAY 792360032d53f021-EWR alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/fonts/EuclidCircularB-Bold-WebXL.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/fonts/EuclidCircularB-Regular-WebXL.ttf Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOlCnqEu92Fr1MmYUtfBBc4AMP6lQ.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu/s/roboto/v27/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu
2606:4700:3035::6815:45e9
9dc1d0f5abbe9559d7803026159b0687533fe2e03da3ff47b3e70c8606f54204
bfefca810b4d336318e4efee744dc69321a39e3df3e9c5889e2038720c08ac12
e88ef73d4e2c14a59e97dbc8f4fd627fc396a9a89bf2ef7d3bcc874b1f30cded
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu Open in urlscan Pro 2606:4700:3035::6815:45e9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

0 %HTTPS

100 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

75 kBTransfer

390 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

7 Console Messages

Indicators

clnrone-extension-fdgfkebogiimcoedliclksmjklkuynmh.icu Open in urlscan Pro
2606:4700:3035::6815:45e9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

0 %
HTTPS

100 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

390 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!