metamask-eth.org
Open in
urlscan Pro
134.122.147.72
Malicious Activity!
Public Scan
Submission: On May 10 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 10th 2022. Valid for: 3 months.
This is the only time metamask-eth.org was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
10 | 134.122.147.72 134.122.147.72 | 64050 (BCPL-SG B...) (BCPL-SG BGPNET Global ASN) | |
1 | 2606:4700::68... 2606:4700::6810:5714 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
11 | 2 |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
metamask-eth.org
metamask-eth.org |
735 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 574 |
91 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
10 | metamask-eth.org |
metamask-eth.org
|
1 | cdn.jsdelivr.net |
metamask-eth.org
|
11 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
metamask-eth.org R3 |
2022-05-10 - 2022-08-08 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-03 - 2022-07-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://metamask-eth.org/
Frame ID: EA8F90B9D20F19B9F45AB9D817B5D34D
Requests: 11 HTTP requests in this frame
Screenshot
Page Title
MetaMaskDetected technologies
Vue.js (JavaScript Frameworks) ExpandDetected patterns
- (?:/([\d.]+))?/vue(?:\.min)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
metamask-eth.org/ |
28 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
metamask-eth.org/css/ |
954 KB 183 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index-rtl.css
metamask-eth.org/css/ |
954 KB 182 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.css
metamask-eth.org/static/common/js/vant/ |
141 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.min.js
metamask-eth.org/static/common/js/vue/ |
92 KB 38 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
metamask-eth.org/static/common/js/jquery/ |
84 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vue.js
cdn.jsdelivr.net/npm/vue@2.6.14/dist/ |
336 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vant.min.js
metamask-eth.org/static/common/js/vant/ |
270 KB 91 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hlt.png
metamask-eth.org/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
carousel.min.css
metamask-eth.org/css/react-gallery/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EuclidCircularB-Regular-WebXL.ttf
metamask-eth.org/css/fonts/Euclid/ |
151 KB 151 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| Vue function| $ function| jQuery object| vant undefined| t undefined| t3 undefined| t4 undefined| _that object| app5 function| link function| setLang1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
metamask-eth.org/ | Name: think_var Value: ja |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
metamask-eth.org
134.122.147.72
2606:4700::6810:5714
03f2a27c6e38c3e8e38b294c2d0c3536b989ff6285388172542b4bedf10291d5
08b11e464af41dc1764715793aee5078e632b68606feb061b996f3ff8be7401c
19324d682dcf38dc4301051c406da335763f2ae3b1cbf08584acd910cfafc1e7
27b7077f95f4e8b355a581630ed3c42c9915b24038e172fab346714584ad96b5
2a1f1370eb7b24a307312112427dfd544fb838a8bef66babc936f5e870a22e52
377dc759e1a9a1d58bd73d502e79f60bdbe81b3f5e7151e42193e2167ff4d2b4
3dfe52c26628be8215aec16ff5936e141cfb47c0735f76addafc79de1f4d7518
64907943ad200eba70a44fb13c6201041d3dcaf18a8ee764763a8c93a2b480e1
69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
e4890da9e8c741224ca9fe664f950c51d613d4f3b8f0fd641e884c20c3a4d49e
e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d