metamaskconfirmidentify.com
Open in
urlscan Pro
2606:4700:3032::ac43:d97c
Malicious Activity!
Public Scan
Effective URL: https://metamaskconfirmidentify.com/metamask.html
Submission Tags: tweet @ecarlesi #phishing #metamask Search All
Submission: On January 18 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on January 17th 2023. Valid for: 3 months.
This is the only time metamaskconfirmidentify.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:303... 2606:4700:3034::6815:3e06 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
24 | 2606:4700:303... 2606:4700:3032::ac43:d97c | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
27 | 2 |
ASN13335 (CLOUDFLARENET, US)
metamaskconfirmidentify.com |
ASN13335 (CLOUDFLARENET, US)
metamaskconfirmidentify.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
25 |
metamaskconfirmidentify.com
1 redirects
metamaskconfirmidentify.com |
273 KB |
27 | 1 |
Domain | Requested by | |
---|---|---|
25 | metamaskconfirmidentify.com |
1 redirects
metamaskconfirmidentify.com
|
27 | 1 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.metamaskconfirmidentify.com GTS CA 1P5 |
2023-01-17 - 2023-04-17 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://metamaskconfirmidentify.com/metamask.html
Frame ID: 4852494749D8339A1BB167CBE7FC6E94
Requests: 29 HTTP requests in this frame
Screenshot
Page Title
MetaMaskPage URL History Show full URLs
-
http://metamaskconfirmidentify.com/
HTTP 301
https://metamaskconfirmidentify.com/ Page URL
- https://metamaskconfirmidentify.com/metamask.html Page URL
Detected technologies
Font Awesome (Font Scripts) ExpandDetected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://metamaskconfirmidentify.com/
HTTP 301
https://metamaskconfirmidentify.com/ Page URL
- https://metamaskconfirmidentify.com/metamask.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://metamaskconfirmidentify.com/ HTTP 301
- https://metamaskconfirmidentify.com/
27 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
metamaskconfirmidentify.com/ Redirect Chain
|
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
connect.css
metamaskconfirmidentify.com/css/ |
884 KB 75 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metamask-logo-horizontal.svg
metamaskconfirmidentify.com/img/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metamask-fox.svg
metamaskconfirmidentify.com/img/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.js
metamaskconfirmidentify.com/js/ |
78 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
carousel.min.css
metamaskconfirmidentify.com/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
caret-down.svg
metamaskconfirmidentify.com/img/ |
289 B 289 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EuclidCircularB-Regular-WebXL.ttf
metamaskconfirmidentify.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
metamask.html
metamaskconfirmidentify.com/ |
709 KB 76 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
font-awesome.min.css
metamaskconfirmidentify.com/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
9 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jquery-3.2.1.js
metamaskconfirmidentify.com/static/js/ |
136 KB 41 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
levenshtein.js
metamaskconfirmidentify.com/static/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
bitcoinjs-3.3.2.js
metamaskconfirmidentify.com/static/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sjcl-bip39.js
metamaskconfirmidentify.com/static/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_english.js
metamaskconfirmidentify.com/static/js/ |
17 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_japanese.js
metamaskconfirmidentify.com/static/js/ |
30 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_spanish.js
metamaskconfirmidentify.com/static/js/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_chinese_simplified.js
metamaskconfirmidentify.com/static/js/ |
12 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
wordlist_chinese_traditional.js
metamaskconfirmidentify.com/static/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_french.js
metamaskconfirmidentify.com/static/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_italian.js
metamaskconfirmidentify.com/static/js/ |
20 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wordlist_korean.js
metamaskconfirmidentify.com/static/js/ |
41 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
jsbip39.js
metamaskconfirmidentify.com/static/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
lo0k.js
metamaskconfirmidentify.com/static/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EuclidCircularB-Regular-WebXL.ttf
metamaskconfirmidentify.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
fa-solid-900.woff2
metamaskconfirmidentify.com/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fa-solid-900.woff
metamaskconfirmidentify.com/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- metamaskconfirmidentify.com
- URL
- https://metamaskconfirmidentify.com/static/js/bitcoinjs-3.3.2.js
- Domain
- metamaskconfirmidentify.com
- URL
- https://metamaskconfirmidentify.com/static/js/wordlist_chinese_traditional.js
- Domain
- metamaskconfirmidentify.com
- URL
- https://metamaskconfirmidentify.com/fonts/fa-solid-900.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontentvisibilityautostatechange function| $ function| jQuery object| Levenshtein0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
metamaskconfirmidentify.com
metamaskconfirmidentify.com
2606:4700:3032::ac43:d97c
2606:4700:3034::6815:3e06
04247722bcc859bacb03d11f07541e740b00fd00b2a2e79531b9c39fe5f63991
0d22e04c1e9f92ed5d05e9612f7ea51938d4d45403c67d7b675820d7bf2ac4e9
41f59ec5d59f17850334323c174baef773d00ed5bb48e3739d77bb41b3c59c00
52e857df6983767c4d4b8f1db527858d50f27c13b818387943a058046a36a844
53371383e7fb7242378f6ea739f6fa8c56a43b6fabdd1439897e0e13f0ad6881
57f100e44970350879eb4d9c33fa228d0dd70899a6e3a4fa02f9aa0c1a4a1f27
62d7e52c2cc2b367208684d4ef9485788a7d5889ffeda5c0569ec41e8bf0fd49
8354c34997ad9566bea91fce390f6dde2037bb8fd0231fd3e63c7336499e5590
906f577fa1acc2b6c5a8238e1ed3f06c923d94f74da28b05573417b0a9b7c684
9e37c92f45aea2939910aef0371260204a160501cfbb20c7c0830a32e6671653
a16a0b8b5d7b7083fd09f3bb8c38f39f091284d67fd37f5ef2f35852e011fce9
a2779239ae69999a04e2e98ee5be8a282a21b41b7b4c6ce00c881ecc82fcaa50
b2d2129a2626eba7519401d65c14d78fb017fcb04b38854d69bcca6fd5134ee2
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34
d3cd7b93b4eacbff385e85877240dc246c3f82f4485d1d41aa0d5def8cb00b06
d40d3161e420b7dd64253af81204498485857f2364ff312aff19ddf457d67761
d838d885eca1f171fa16604c686db6aac67147106fa33d0ca02dc2daf9600ec7
dd58854a392b9321d5f77d79afe4be7b1256f4bcc1cc25e6fbcee7f8e58d8719
e5051437ef2d96827703bf116f37b76f45ea05c82a9accb567a3a24017f5975a
ec6509b3ba6fdcf3e3fdf7ef2f80582e5f4fa8f39f9d94a3da00bdc865563056
f7350e78422059731484db734b66a06236eca8d80368b8469b6d53062020e886