metamask.io-update.app
47.254.174.32  Malicious Activity! Public Scan

Submitted URL: http://metamask-verification.com/
Effective URL: https://metamask.io-update.app/
Submission: On October 09 via api from US — Scanned from DE

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 14 HTTP transactions. The main IP is 47.254.174.32, located in Frankfurt am Main, Germany and belongs to CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN. The main domain is metamask.io-update.app.
TLS certificate: Issued by R3 on September 15th 2021. Valid for: 3 months.
This is the only time metamask.io-update.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
2 173.239.8.164 27257 (WEBAIR-IN...)
2 2 173.192.101.24 36351 (SOFTLAYER)
1 1 172.67.199.243 13335 (CLOUDFLAR...)
1 10 47.254.174.32 45102 (CNNIC-ALI...)
1 104.16.19.94 13335 (CLOUDFLAR...)
1 142.250.186.35 15169 (GOOGLE)
1 104.21.90.240 13335 (CLOUDFLAR...)
14 5
Domain Requested by
10 metamask.io-update.app 1 redirects metamask-verification.com
metamask.io-update.app
2 metamask-verification.com
1 tanalytics.xyz
1 fonts.gstatic.com metamask.io-update.app
1 cdnjs.cloudflare.com metamask.io-update.app
1 adstrackme.com 1 redirects
1 p226681.mybetterdl.com 1 redirects
1 mybetterdl.com 1 redirects
14 8

This site contains no links.

Subject | Issuer | Validity | Valid
metamask.io-update.app | R3 | 2021-09-15 - 2021-12-14 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-09-21 - 2022-09-20 | a year
*.gstatic.com | GTS CA 1C3 | 2021-09-13 - 2021-11-20 | 2 months

This page contains 1 frame:

Primary Page: https://metamask.io-update.app/
Frame ID: 12A6C9CE88C1C9DB3FDB90227A98BFE9
Requests: 14 HTTP requests in this frame

Page Title

MetaMask Download


Detected technologies

Overall confidence: 100%
Detected patterns
  • fingerprint(\d)?(?:\.min)?\.js

Page Statistics

Requests: 14
HTTPS: 86 %
IPv6: 0 %
Domains: 7
Subdomains: 8
IPs: 5
Countries: 3
Transfer: 226 kB
Size: 249 kB
Cookies: 10

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://metamask-verification.com/ Page URL
  2. http://metamask-verification.com/ Page URL
  3. https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMK-Qe9oeAxWhYV4HPe1PN31VPO9R416BnmH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZbCQNB8oA6b8o_2szb4ydphLvJ3coLAj2sLI_RalizEQmcVjFyxSKD9mNp-ZNGHhw17vPAfhbGFb09ao6AvleqnRMjqN2K_1mBRD74Cp9XewD3yWMjiR1iPzfLHHiHlyfDGMjuZ1bhU2Fuxez9sG2NEkOwHuSghrEo3CqiMCGJQEssCTGWXoyCMd_W2M-H9mGz9WD_zZg_sVZzJu3ADLeAaG1doKBArCgSsWp_b0kUq1R1AJD2gofWdIp3ADDIrzaJ1u_yRB5OSrIz4jC6OPGxsBifWzjQnROxvc_feARX5gdorc8TER0fQT60x9D5f0yimy-jbeB2TjSOmW-A_NFZLXABXAr8TvWpGZv23zSGwNovyKNQAnNgNDHBUqtKR3B3_1N5s_s6Febdixl-N4yQNiGARzD3PXvAoAaETOuc-o4R8i6pd8XWA7mMCMqZMrx_YMAEA44T9Duo4BDo2fOYbz5a9xoc2_vW1qZV3AVkDEWClupmius0bUqyEXPJOo5VPhAChNT-v7LckXeRGNfg3nW_JHZGh6l3wAeVCubD1hRc8aqypaamLEsmTLvhuqmzx-bzKf0jj0yGKspBprarXeoAeSodv-OpHyDkhsS9rS58kjSdWIiggsjpowU0Gd9OS11gVrY0sPF9OVgFNDNvCv7jqfzjSN31TVrf8fNIfd5jgp_XSA3WmEtTGgCAAUkbcuUceiUoA10Gp7-M1c5vFhDCmxa9h_jzzLClwP7MY9KyFWHqvnFB9AVVIobBYEHxPMbioz9KSRvDtyrHl-D_l5vX9MvZ4ZilEQSb8Dbu-RSAy8nybs3JwLlAJxBEP5IYJk_mJNkVIRVDRl1RsE27tt9VrK1u66RySUlxL8ASeXAtE7EGozl11DqnyD1oMTw8eWMKZZ6tD42otAYfBAiuenUf7x4COxO62d7x_ipHerWz_pI3_0G3iZJ7oUoyrlfmWpQ72bc4t2OuhtpbN7grNlCwZX2dw9jxff-1LWX46P7a51NIz6QK8V8Mzi_jaaIJWz0wOzVnPWygNm1m3Qq0RPV9wGELAqQBJ96XZxkqEKR0wOys_X6PeJip01C8trXkIE3rD_YYcRg0R1huLlliAlxsKB_LBxyDMWDEcIrEsluFClVyyFIA6tqCJWlIXuPiXimj-ytXsIJhccXI35do1o0ZQWr8yGfTnmBlX7ANpNrRKD6-YFM62x7940UJlp0i2L-4COsWdTlIP5ptT_pYvSlk_fnsutmWJzI1I19HQtb_CQ4iURDOmlv-9QrW5wtZROa1cKlgy16AXVwBYejTe2KSXVHQr-eLQCd7mALja55XmWfU0oQ-Xip5mg4147vMvnd0EE6P662-Sdn899TChFsxBmGBpt_L47sxemzLfau3iBbrDSqqhAUya0tZsfjXo6BN1QSmhr1ttHk-cffItRxfnlLl1BMXc4Z29nZjWWg3vRT21V-Q05CDJKxbV2y0mhgJblD5ss3Wc7YgG_4OiY0848uURXej3l6JxzC1aeIKrFDJ0d07f2m2uOhuSOHuRwRwBiPGktwib30UC7yztiAbtp9NeTI HTTP 302
    https://p226681.mybetterdl.com/adServe/domainClick?ai=0riecu378Dk7_0JnLqAMl4E9t0vm0pw2nMZoldo3UhFNJU3lEPq1mYZ2m_efEw3y-_ACIpIOd8S4UJb8bH400jpSP4sCcwhJeiberlSrt6uBm883W2KgpGqAQTR_kWOHRNsNohWzGfZb9VHFY9cTdGWp__riXRnqGnLL9g3RhC2ktJmalqtYda7eIFusNKqqEBTJrS1mx-NejoE3VBKaGtJfQlFmkXCoeyZeB4t_supbj8yLhZgjMpv-RIH4A3-ECo9FiMZWG5j6oFfj9EPe-X-oJi-H9AZD_gmZk_1vPboHmv4eM-ZIwq_73nZzCkLFJmCCRov00lFk38X7NSW9FaHwd9wVvpvaQxvgOjvL5v4N7Ssv4XmSKZZXpgFk2j54e8rROKEv96SS-CpzjmCCRSkbjTnD0JcoWrkuEiZvcEKC67YP62osaVKsh-dcjcrEf7X8aqNKDMBICUQx8RHS_UFuyjOQLz4P4HJunKpK9iGB4S06_HjXNVisct7fyi_yL0h065FuFzo&ui=w_Wj54-Mm6TV7tX4V9JMKxThTij6CEvk5BqBrDJxXOEHmv4eM-ZIwvMERjreiCMBxGUN-LVCjJ-CfNERpBYIdzpsXj8nR6PFLthCnSJUWcsrhp_dMhukdQ&si=1&oref=a0c894c79e279f5f6c9bd366b32b7acd&optunit=rt4gW6w0qqoQFMmtLWbH416OgTdUEpoaedKJQNXmIYM&rb=fo1ZlrwmrMc&rr=1&abtg=0 HTTP 302
    https://adstrackme.com/s6Wrdx8Q?keyword=metamask-verification.com&cost=0.2&currency=USD&external_id=87259192718&creative_id=@@CREATIVE-ID@@&ad_campaign_id=mmask+referral&source=440182604 HTTP 302
    https://metamask.io-update.app/?key=123&subid=209r496sosn HTTP 307
    https://metamask.io-update.app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
metamask-verification.com/
378 B
457 B
Document
General
Full URL
http://metamask-verification.com/
Protocol
HTTP/1.1
Server
173.239.8.164 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
icsvm3.webair.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Host
metamask-verification.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.18.0
Date
Sat, 09 Oct 2021 09:22:40 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
Cookie set /
metamask-verification.com/
2 KB
2 KB
Document
General
Full URL
http://metamask-verification.com/
Protocol
HTTP/1.1
Server
173.239.8.164 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
icsvm3.webair.com
Software
nginx/1.18.0 /
Resource Hash

Request headers

Host
metamask-verification.com
Connection
keep-alive
Content-Length
12
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Origin
http://metamask-verification.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://metamask-verification.com/
Accept-Encoding
gzip, deflate

Response headers

Server
nginx/1.18.0
Date
Sat, 09 Oct 2021 09:22:40 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
ipc=eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjI5MCwiZmVlZElkIjoyMSwidHMiOjE2MzM3NzEzNjAsImhhc2giOiIzNzg2YzY4YyJ9;Expires=Sat, 09-Oct-2021 10:22:40 GMT;Max-Age=3600
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
Primary Request /
metamask.io-update.app/
Redirect Chain
  • https://mybetterdl.com/aS/feedclick?s=w_Wj54-Mm6TV7tX4V9JMK-Qe9oeAxWhYV4HPe1PN31VPO9R416BnmH5XPU-DAmA9J-J_MlxHbnZPYJMKbc_lPFsLtTfRMmnZbCQNB8oA6b8o_2szb4ydphLvJ3coLAj2sLI_RalizEQmcVjFyxSKD9mNp-ZNGHh...
  • https://p226681.mybetterdl.com/adServe/domainClick?ai=0riecu378Dk7_0JnLqAMl4E9t0vm0pw2nMZoldo3UhFNJU3lEPq1mYZ2m_efEw3y-_ACIpIOd8S4UJb8bH400jpSP4sCcwhJeiberlSrt6uBm883W2KgpGqAQTR_kWOHRNsNohWzGfZb9VH...
  • https://adstrackme.com/s6Wrdx8Q?keyword=metamask-verification.com&cost=0.2&currency=USD&external_id=87259192718&creative_id=@@CREATIVE-ID@@&ad_campaign_id=mmask+referral&source=440182604
  • https://metamask.io-update.app/?key=123&subid=209r496sosn
  • https://metamask.io-update.app/
11 KB
4 KB
Document
General
Full URL
https://metamask.io-update.app/
Requested by
Host: metamask-verification.com
URL: http://metamask-verification.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
80db6707502fe5c22a7730e3f541bef6ffcc20f7ec33e9bac65eb41749e93192

Request headers

Host
metamask.io-update.app
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://metamask-verification.com/
Accept-Encoding
gzip, deflate, br
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn

Response headers

Server
nginx/1.14.2
Date
Sat, 09 Oct 2021 09:22:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.2
Date
Sat, 09 Oct 2021 09:22:42 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; path=/ key=123 subid=209r496sosn
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://metamask.io-update.app
main.css
metamask.io-update.app/
16 KB
17 KB
Stylesheet
General
Full URL
https://metamask.io-update.app/main.css
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
40473547936835598d165e4d4ac8c8a8d814c0fead89ad94e02ba1c9a1c27d59

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:33:58 GMT
Server
nginx/1.14.2
ETag
"60530266-415a"
Content-Type
text/css
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16730
Expires
Thu, 31 Dec 2037 23:55:55 GMT
fingerprint2.min.js
cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.4/
30 KB
10 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/fingerprintjs2/2.1.4/fingerprint2.min.js
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.19.94 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
53c4aac592ec3377bab14d9cbdfdad189ffaa15264483d9103b6f05feb6259c2
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://metamask.io-update.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 09 Oct 2021 09:22:42 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
5213275
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
9690
timing-allow-origin
*
last-modified
Thu, 17 Sep 2020 03:51:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5f62dd43-770d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J5GJGhBt88Pak3beSW%2BUYHeoJ%2BdXlxGNkco7XzFzYGYqqHKOQSUK7za2zbHo1rmWBySyqvwNGa5unXGUe20p1z7H2chu7XvO%2F0CkLsS52BF5IteR9hRY7TBImiIsWlja0sQj6A7Q"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
69b68bc52c5805bf-FRA
expires
Thu, 29 Sep 2022 09:22:42 GMT
mm-logo.svg
metamask.io-update.app/images/
12 KB
12 KB
Image
General
Full URL
https://metamask.io-update.app/images/mm-logo.svg
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:35:53 GMT
Server
nginx/1.14.2
ETag
"605302d9-2ef3"
Content-Type
image/svg+xml
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
12019
download-extension.png
metamask.io-update.app/images/
103 KB
104 KB
Image
General
Full URL
https://metamask.io-update.app/images/download-extension.png
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
84ea6bece58d7fd72eb4446d06d52e4b8e03eee444cb01c6b1c240eb6c412d02

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn; name=cw
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:38:13 GMT
Server
nginx/1.14.2
ETag
"60530365-19dc9"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
105929
Expires
Thu, 31 Dec 2037 23:55:55 GMT
chrome_1chrome.png
metamask.io-update.app/images/
4 KB
4 KB
Image
General
Full URL
https://metamask.io-update.app/images/chrome_1chrome.png
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn; name=cw
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:39:11 GMT
Server
nginx/1.14.2
ETag
"6053039f-f32"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3890
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Firefox_1Firefox.png
metamask.io-update.app/images/
10 KB
11 KB
Image
General
Full URL
https://metamask.io-update.app/images/Firefox_1Firefox.png
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn; name=cw
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:38:40 GMT
Server
nginx/1.14.2
ETag
"60530380-290d"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
10509
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Brave.png
metamask.io-update.app/images/
19 KB
19 KB
Image
General
Full URL
https://metamask.io-update.app/images/Brave.png
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn; name=cw
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:39:16 GMT
Server
nginx/1.14.2
ETag
"605303a4-4a81"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
19073
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Edge.png
metamask.io-update.app/images/
34 KB
34 KB
Image
General
Full URL
https://metamask.io-update.app/images/Edge.png
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn; name=cw
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Thu, 18 Mar 2021 07:39:50 GMT
Server
nginx/1.14.2
ETag
"605303c6-8762"
Content-Type
image/png
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34658
Expires
Thu, 31 Dec 2037 23:55:55 GMT
main.js
metamask.io-update.app/
591 B
931 B
Script
General
Full URL
https://metamask.io-update.app/main.js
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
47.254.174.32 Frankfurt am Main, Germany, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
68ecfe4304fd63bf094e260ba82fb4ecd0a87e4cc17b62495a5564aa1fd8e68b

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://metamask.io-update.app/
Cookie
PHPSESSID=724hdi6dvua2ppc52gn810raoh; key=123; subid=209r496sosn
Connection
keep-alive

Response headers

Date
Sat, 09 Oct 2021 09:22:42 GMT
Last-Modified
Mon, 17 May 2021 07:37:43 GMT
Server
nginx/1.14.2
ETag
"60a21d47-24f"
Content-Type
application/javascript; charset=utf-8
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
591
Expires
Thu, 31 Dec 2037 23:55:55 GMT
xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
fonts.gstatic.com/s/changaone/v13/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/changaone/v13/xfu00W3wXn3QLUJXhzq42AHiuQ.woff2
Requested by
Host: metamask.io-update.app
URL: https://metamask.io-update.app/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.35 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f3.1e100.net
Software
sffe /
Resource Hash
e2bce7e3f85456cb30a1803f8f261157ca8922d7e0b1c5baf421d65cfd87619d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://metamask.io-update.app/
Origin
https://metamask.io-update.app
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 11:04:06 GMT
x-content-type-options
nosniff
age
425916
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7924
x-xss-protection
0
last-modified
Tue, 01 Sep 2020 04:39:55 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Oct 2022 11:04:06 GMT
/
tanalytics.xyz/
0
632 B
Image
General
Full URL
https://tanalytics.xyz/?_update_tokens=1&sub_id=209r496sosn&sub_id_8=&sub_id_9=-1&sub_id_10=cw&sub_id_11=locste&sub_id_12=en-US,en&sub_id_13=false&sub_id_14=0&sub_id_15=0cc473a557dc486624a263b9634cac74&return=img
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.90.240 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://metamask.io-update.app/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 09 Oct 2021 09:22:43 GMT
cf-cache-status
DYNAMIC
last-modified
Sat, 09 Oct 2021 09:22:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UJca%2BP1DHdIEFNy5CnT9TuIx5rl3Zf8Wja1fbJvvMDzKjb0TNyd%2FTtHkysN0k%2Fjucax%2F5yaTX%2B4SQ%2FRf%2BY4N6OuXxnygcJmQS2JnDWwfX%2Fk7Z4pC%2BvXwKzApS39KxMxGiA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate,post-check=0,pre-check=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
69b68bca9d61f9e6-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0
expires
0

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    onbeforexrselect
boolean   originAgentCluster
function  Fingerprint2
object    xd
number    mm
boolean   br
undefined c
string    lse
function  setCookie
function  getCookie
string    cook
string    yad
string    subid
function  update_tokens
number    timezone
string    kUrl

10 Cookies

Domain/Path | Name | Value
metamask-verification.com/ | ipc | eyJ2ZXJzaW9uIjoxLCJzdWJJZCI6MywiZm9sZGVySWQiOjI5MCwiZmVlZElkIjoyMSwidHMiOjE2MzM3NzEzNjAsImhhc2giOiIzNzg2YzY4YyJ9
.mybetterdl.com/ | rhid | 79826358868
.mybetterdl.com/ | loi | ad_1099815_off_546437_aff_89708_cid_226681-METAMASK-VERIFICATION.COM_ts_1633771361
adstrackme.com/ | _subid | 209r496sosn
adstrackme.com/ | _token | uuid_209r496sosn_209r496sosn61615f618bfe45.52595013
adstrackme.com/ | f5ddc | eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjUzNlwiOjE2MzM3NzEzNjF9LFwiY2FtcGFpZ25zXCI6e1wiMTU4XCI6MTYzMzc3MTM2MX0sXCJ0aW1lXCI6MTYzMzc3MTM2MX0ifQ.lXtZo7MWxgy28MJ5dJtHhi98CJXNhNcVue31ScRuBDE
metamask.io-update.app/ | PHPSESSID | 724hdi6dvua2ppc52gn810raoh
metamask.io-update.app/ | key | 123
metamask.io-update.app/ | subid | 209r496sosn
metamask.io-update.app/ | name | cw