extension-metamask-wallet[.]com
Domain Security & Threat Intelligence Report
Analyst Security Overview
AI-GeneratedThe domain extension-metamask-wallet.com poses as a legitimate MetaMask wallet extension, aiming to deceive users into providing sensitive information. With a VirusTotal detection score of 17/95, this site is flagged as a potential phishing threat. Its connection to the well-known MetaMask brand enhances its credibility, making it particularly dangerous for users seeking trusted wallet services.
Registered for 217 days through Hosting Concepts B.V. d/b/a Registrar.eu, this domain is hosted on the IP address 198.18.0.92 and has been blocklisted by three different security services. The recent age of the domain indicates an ongoing effort to exploit users, while its current status is active, confirming that it continues to operate and potentially harm individuals.
PhishDestroy is actively monitoring extension-metamask-wallet.com and has reported it to relevant authorities. Continual surveillance and threat detection measures are in place to mitigate the risks associated with this phishing website, ensuring user safety against identity theft and fraud.
Threat Response Pipeline
Public Blocklist Status
Website Screenshot
Domain Intelligence
ina2.registrar.eu
ina3.registrar.eu
ns1.byet.org
ns2.byet.org
ns3.byet.org
ns4.byet.org
ns5.byet.org
verify1.registrar.eu
verify2.registrar.eu
verify3.registrar.eu
abuse@registrar.eu
VirusTotal Analysis
Evidence & External Reports
Were You Affected by This Site?
If you have interacted with this domain, entered personal information, or connected a cryptocurrency wallet — take immediate action. Below are resources to help you report the incident and protect yourself.
Report to Your Local Authorities
Select your country to see local cybercrime reporting contacts and complaint templates.
Related Domain Reports
Other Domains on 198.18.0.92
More Domains at Hosting Concepts B.V. d/b/a Registrar.eu
Stay Informed, Stay Safe
Monitor live threats or contest this listing if you believe it's a false positive
URLScan Report