metamask-wallet.agr-altmark.de Open in urlscan Pro
2606:4700:3033::ac43:91e4 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://criador-futsal.net/wp/m2ndnz5d4re52q7a/
Effective URL:
https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard
Submission: On March 22 via manual (March 22nd 2024, 9:04:38 am UTC) from LV — Scanned from JP

Summary HTTP 5 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3033::ac43:91e4, located in United States and belongs to CLOUDFLARENET, US. The main domain is metamask-wallet.agr-altmark.de.
TLS certificate: Issued by GTS CA 1P5 on March 3rd 2024. Valid for: 3 months.

This is the only time metamask-wallet.agr-altmark.de was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address	AS Autonomous System
1 1	163.43.87.183 163.43.87.183	9370 (SAKURA-B ...) (SAKURA-B SAKURA Internet Inc.)
1	45.55.112.74 45.55.112.74	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2606:4700:303... 2606:4700:3033::ac43:91e4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.164.110.80 3.164.110.80	16509 (AMAZON-02) (AMAZON-02)
5	5

1 163.43.87.183 (Hinode, Japan) 1 redirects

ASN9370 (SAKURA-B SAKURA Internet Inc., JP)
PTR: www3943.sakura.ne.jp

criador-futsal.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.55.112.74 (San Francisco, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

metamask-connection.codeanyapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3033::ac43:91e4 (United States)

ASN13335 (CLOUDFLARENET, US)

metamask-wallet.agr-altmark.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.164.110.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-164-110-80.nrt12.r.cloudfront.net

cdn.ethers.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	agr-altmark.de metamask-wallet.agr-altmark.de	784 KB
1	ethers.io cdn.ethers.io — Cisco Umbrella Rank: 570742
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 387	225 KB
1	codeanyapp.com metamask-connection.codeanyapp.com	262 B
1	criador-futsal.net 1 redirects criador-futsal.net	123 B
5	5

	Domain	Requested by
2	metamask-wallet.agr-altmark.de	metamask-wallet.agr-altmark.de
1	cdn.ethers.io	metamask-wallet.agr-altmark.de
1	cdnjs.cloudflare.com	metamask-wallet.agr-altmark.de
1	metamask-connection.codeanyapp.com
1	criador-futsal.net	1 redirects
5	5

This site contains links to these domains. Also see Links.

Domain
metamask.io

Subject Issuer	Validity	Valid
codeanyapp.com R3	`2024-01-17` - `2024-04-16`	3 months	crt.sh
agr-altmark.de GTS CA 1P5	`2024-03-03` - `2024-06-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
ethers.io Amazon RSA 2048 M03	`2023-09-30` - `2024-10-27`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard
Frame ID: 55752F630A6682C2359D6E14498E82A2
Requests: 21 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

MetaMask Portfolio - Dashboard

Page URL History Show full URLs

https://criador-futsal.net/wp/m2ndnz5d4re52q7a/ HTTP 302
https://metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/?8193ae228193ae22 Page URL
https://metamask-wallet.agr-altmark.de/meta/ Page URL
https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Page Statistics

5
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1956 kB
Transfer

4045 kB
Size

1
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://metamask.io/terms.html
Title: Terms of service

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://criador-futsal.net/wp/m2ndnz5d4re52q7a/ HTTP 302
https://metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/?8193ae228193ae22 Page URL
https://metamask-wallet.agr-altmark.de/meta/ Page URL
https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://criador-futsal.net/wp/m2ndnz5d4re52q7a/ HTTP 302
https://metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/?8193ae228193ae22

5 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/
metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/
Redirect Chain

https://criador-futsal.net/wp/m2ndnz5d4re52q7a/
https://metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/?8193ae228193ae22

168 B
262 B

637ms
306ms

Document
text/html

45.55.112.74
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/?8193ae228193ae22
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 45.55.112.74 San Francisco, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

content-encoding: gzip
content-length: 140
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 08:23:02 GMT
server: openresty
vary: Accept-Encoding

Redirect headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 09:04:33 GMT
location: https://metamask-connection.codeanyapp.com/s3n7a5ze7r8ok/?8193ae228193ae22
server: nginx

GET
H2 200 /
metamask-wallet.agr-altmark.de/meta/ 86 B
555 B 810ms
652ms Document
text/html 2606:4700:3033::ac43:91e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask-wallet.agr-altmark.de/meta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://metamask-connection.codeanyapp.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 868503d46dfd91ba-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 09:04:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5StC6jRKBVoN0bMnZqWsDYGn9dQLJVy%2FmCQe28%2FX47UDzT%2FpweGUuG64eiRbyyRfmYYktlFN6m4RKNMUWhNqo81DommVBc865PTgaM5z3YYscKvLCb5tRM9Ha50izSqeZDzJ94rp8PoFuzSZqQsX6mfVOL2Rjp0U2Lkr0ug%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 Primary Request portfolio.php Show response
metamask-wallet.agr-altmark.de/meta/ 2 MB
784 KB 419ms
418ms Document
text/html 2606:4700:3033::ac43:91e4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard
Requested by: Host: metamask-wallet.agr-altmark.de
URL: https://metamask-wallet.agr-altmark.de/meta/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::ac43:91e4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea8e7bb1e303c573b0fb30dc9a25c5456397c8efe767ebfa6859189c7a7e86db

Request headers

Referer: https://metamask-wallet.agr-altmark.de/meta/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: jp-JP,jp;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 868503d8999a91ba-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 22 Mar 2024 09:04:35 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BSvyFY8M6%2BH4HknrcP1yNynD9JemzK8TYamh68NUz4S7Hx03aFvYjVluOJZ%2FCoQyLaVt1xmYQVuYwZd0DanztJf4zpydDCr6iTouPer%2FNlgC4ZjHYKr0X4QW%2FyY%2FVaNoqJ8dlZi9BkTiYdaCnxdYjXqiCEMWC78YTGH10YY%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
H2 200 web3.min.js Show response
cdnjs.cloudflare.com/ajax/libs/web3/1.3.6/ 1 MB
225 KB 17ms
11ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/web3/1.3.6/web3.min.js

Requested by

Host: metamask-wallet.agr-altmark.de
URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1d01766d9feb5c709474de9ae18ad4f2b5432e538ee2f1b155db4925f7d0420

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://metamask-wallet.agr-altmark.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date: Fri, 22 Mar 2024 09:04:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1321522
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 229245
last-modified: Tue, 08 Jun 2021 09:38:13 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60bf3a85-37f7d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FMFa%2Fk1SnS3rSrb%2FhwYF6xd%2FtJkekXUfk%2Bamd4LOUN3Tu%2BIfwIsNX8FUo%2B5rak3JKMmg5Dmf6mLt6cDxYlYvEco8WtVcKAOYK15RxzPDLfGeCir4Ly31pGc%2B%2Fabq48M3lHfRn0t7NDw5zNnC%2FBSLHQZH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 868503db099e688f-NRT
expires: Wed, 12 Mar 2025 09:04:35 GMT

GET
H2 403 ethers-5.4.5.min.js
cdn.ethers.io/lib/ 0
0 698ms
682ms Script
application/xml 3.164.110.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ethers.io/lib/ethers-5.4.5.min.js
Requested by: Host: metamask-wallet.agr-altmark.de
URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.164.110.80 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-3-164-110-80.nrt12.r.cloudfront.net
Software: /
Resource Hash

Request headers

accept-language: jp-JP,jp;q=0.9
Referer: https://metamask-wallet.agr-altmark.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0c23761375d9072bcd966a43ea8e050c9e0f011d9cbd6e9d6ee561852225daa

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 17 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34c7653ec7daf5a1b38384b3d84fd14bc975ef3511b0a7c53e860e033eb238a2

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 675 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25cb88faa997399f1dfe71653605c1403cb9c8e8fb2e3ecc29f14f6bcac8d8e3

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 18 KB
18 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7295a4d58d5407b47a164a721462f3a13a9b41c855ee01c94bec5afa2d8c8a8d

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 115 KB
115 KB Font
font/otf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7668c99e7bd3cad804b34d3c7d4f9a937b5aeb3110362e9a0fe9c1d0be3c1d95

Request headers

Referer
Origin: https://metamask-wallet.agr-altmark.de
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: font/otf

GET
DATA 200
OK truncated
/ 112 KB
112 KB Font
font/otf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 27dfb3a92841554eddbb47efe9c6514bc3c1066a8cb839c99e680a606062a82e

Request headers

Referer
Origin: https://metamask-wallet.agr-altmark.de
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: font/otf

GET
DATA 200
OK truncated
/ 114 KB
114 KB Font
font/otf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 586ccbf1b796bda9998fab9b592fd834c683f414c7eb5922567e7a12795fd29a

Request headers

Referer
Origin: https://metamask-wallet.agr-altmark.de
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: font/otf

GET
DATA 200
OK truncated
/ 112 KB
112 KB Font
font/otf

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d40f41c51e22555a7ce840b7e82548dce8826bd4c82770038993fd9cc5136cfc

Request headers

Referer
Origin: https://metamask-wallet.agr-altmark.de
accept-language: jp-JP,jp;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: font/otf

GET
DATA 200
OK truncated
/ 75 KB
75 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc8cf69017b73b9d853a1f9b78628175cc4b3514506b5c515e47a0db4fd0d2be

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 53 KB
53 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 167109cd343b80d4073b734e83709db08585964b7c1e439641fa92b69b6f12dc

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 61 KB
61 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6627ec089528c1fce648ab29150c60b94d6d211fe885de9cc2b03cb8c5fbca50

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 64 KB
64 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 46c548893d7650231b102043303ce85d2644c7bc6b68b51ac96d4a98be8a7afb

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 62 KB
62 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78398c4ba3951d854507dbdaf53b7502d975308b0c0fc9f7dcf5dde313154d14

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 75 KB
75 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c46dd08f145587e8820612c66014d8b4a434e4704aa475c9e10a651de0d4684a

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

GET
DATA 200
OK truncated
/ 86 KB
86 KB Image
binary/octet-stream

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56d2f981a81d5e7171faece7960bbc7b858d7e817314073c68bae483b478da25

Request headers

accept-language: jp-JP,jp;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Type: binary/octet-stream

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			metamask-wallet.agr-altmark.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: l3tg1ek86npps82i8eige9opbf

27 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.ethers.io/lib/ethers-5.4.5.min.js Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 799) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value
other	warning	URL: https://metamask-wallet.agr-altmark.de/meta/portfolio.php?dashboard#_8cab58e24f790225f(Line 800) Message: <link rel=modulepreload> has no `href` value

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ethers.io
cdnjs.cloudflare.com
criador-futsal.net
metamask-connection.codeanyapp.com
metamask-wallet.agr-altmark.de
163.43.87.183
2606:4700:3033::ac43:91e4
2606:4700::6811:180e
3.164.110.80
45.55.112.74
167109cd343b80d4073b734e83709db08585964b7c1e439641fa92b69b6f12dc
25cb88faa997399f1dfe71653605c1403cb9c8e8fb2e3ecc29f14f6bcac8d8e3
27dfb3a92841554eddbb47efe9c6514bc3c1066a8cb839c99e680a606062a82e
34c7653ec7daf5a1b38384b3d84fd14bc975ef3511b0a7c53e860e033eb238a2
46c548893d7650231b102043303ce85d2644c7bc6b68b51ac96d4a98be8a7afb
56d2f981a81d5e7171faece7960bbc7b858d7e817314073c68bae483b478da25
586ccbf1b796bda9998fab9b592fd834c683f414c7eb5922567e7a12795fd29a
6627ec089528c1fce648ab29150c60b94d6d211fe885de9cc2b03cb8c5fbca50
7295a4d58d5407b47a164a721462f3a13a9b41c855ee01c94bec5afa2d8c8a8d
7668c99e7bd3cad804b34d3c7d4f9a937b5aeb3110362e9a0fe9c1d0be3c1d95
78398c4ba3951d854507dbdaf53b7502d975308b0c0fc9f7dcf5dde313154d14
b0c23761375d9072bcd966a43ea8e050c9e0f011d9cbd6e9d6ee561852225daa
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34
bc8cf69017b73b9d853a1f9b78628175cc4b3514506b5c515e47a0db4fd0d2be
c46dd08f145587e8820612c66014d8b4a434e4704aa475c9e10a651de0d4684a
d1d01766d9feb5c709474de9ae18ad4f2b5432e538ee2f1b155db4925f7d0420
d40f41c51e22555a7ce840b7e82548dce8826bd4c82770038993fd9cc5136cfc
ea8e7bb1e303c573b0fb30dc9a25c5456397c8efe767ebfa6859189c7a7e86db

metamask-wallet.agr-altmark.de Open in urlscan Pro 2606:4700:3033::ac43:91e4 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

5 Requests

100 %HTTPS

40 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

1956 kBTransfer

4045 kBSize

1 Cookies

1 Outgoing links

Page URL History

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

1 Cookies

27 Console Messages

Indicators

metamask-wallet.agr-altmark.de Open in urlscan Pro
2606:4700:3033::ac43:91e4 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

40 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

1956 kB
Transfer

4045 kB
Size

1
Cookies

5 HTTP transactions
16 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!