www.metamaskimg.buzz
Open in
urlscan Pro
2606:4700:3033::6815:31b7
Malicious Activity!
Public Scan
Effective URL: https://www.metamaskimg.buzz/
Submission: On May 28 via manual from RS — Scanned from DE
Summary
TLS certificate: Issued by E1 on May 25th 2022. Valid for: 3 months.
This is the only time www.metamaskimg.buzz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 19 | 2606:4700:303... 2606:4700:3033::6815:31b7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 103.235.46.191 103.235.46.191 | 55967 (BAIDU Bei...) (BAIDU Beijing Baidu Netcom Science and Technology Co.) | |
20 | 3 |
ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
hm.baidu.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
metamaskimg.buzz
1 redirects
www.metamaskimg.buzz |
800 KB |
2 |
baidu.com
hm.baidu.com — Cisco Umbrella Rank: 8357 |
12 KB |
20 | 2 |
Domain | Requested by | |
---|---|---|
19 | www.metamaskimg.buzz |
1 redirects
www.metamaskimg.buzz
|
2 | hm.baidu.com |
www.metamaskimg.buzz
|
20 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
dowms-site.xyz |
chrome.google.com |
addons.mozilla.org |
microsoftedge.microsoft.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.metamaskimg.buzz E1 |
2022-05-25 - 2022-08-23 |
3 months | crt.sh |
baidu.com GlobalSign Organization Validation CA - SHA256 - G2 |
2022-02-21 - 2022-08-02 |
5 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.metamaskimg.buzz/
Frame ID: 6E0E7471A18F45D0A231B9F62B4CB73C
Requests: 21 HTTP requests in this frame
Screenshot
Page Title
Metamask App,Metamask Android,Metamask Chrome,Metamask For Chrome,Metamask Download,Metamask WalletPage URL History Show full URLs
-
http://www.metamaskimg.buzz/
HTTP 301
https://www.metamaskimg.buzz/ Page URL
Detected technologies
Baidu Analytics (百度统计) (Analytics) ExpandDetected patterns
- hm\.baidu\.com/hm\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: Download
Search URL Search Domain Scan URL
Title: Install MetaMask for Chrome
Search URL Search Domain Scan URL
Title: Install MetaMask for Android
Search URL Search Domain Scan URL
Title: Chrome
Search URL Search Domain Scan URL
Title: Firefox
Search URL Search Domain Scan URL
Title: Edge
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.metamaskimg.buzz/
HTTP 301
https://www.metamaskimg.buzz/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
20 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.metamaskimg.buzz/ Redirect Chain
|
17 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
normalize.css
www.metamaskimg.buzz/index_files/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webflow.css
www.metamaskimg.buzz/index_files/ |
38 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
metamask-staging-2.webflow.css
www.metamaskimg.buzz/index_files/ |
132 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.metamaskimg.buzz/index_files/ |
101 KB 102 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mm-logo.svg
www.metamaskimg.buzz/index_files/ |
12 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
download-extension.png
www.metamaskimg.buzz/index_files/ |
103 KB 104 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
download-ios.png
www.metamaskimg.buzz/index_files/ |
90 KB 91 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
download-android.png
www.metamaskimg.buzz/index_files/ |
107 KB 107 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chrome_1chrome.png
www.metamaskimg.buzz/index_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Firefox_1Firefox.png
www.metamaskimg.buzz/index_files/ |
10 KB 11 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Brave.png
www.metamaskimg.buzz/index_files/ |
19 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Edge.png
www.metamaskimg.buzz/index_files/ |
34 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
www.metamaskimg.buzz/index_files/ |
87 KB 32 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
www.metamaskimg.buzz/index_files/ |
90 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webflow.js
www.metamaskimg.buzz/index_files/ |
553 KB 135 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.js
hm.baidu.com/ |
29 KB 11 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
2 KB 2 KB |
Font
application/x-font-ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EuclidCircularB-Regular-WebXL.woff2
www.metamaskimg.buzz/fonts/ |
44 KB 45 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
EuclidCircularB-Bold-WebXL.woff2
www.metamaskimg.buzz/fonts/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hm.gif
hm.baidu.com/ |
43 B 299 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)17 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| _hmt function| $ function| jQuery function| tram object| jQuery180016146345154025354 object| Webflow object| google_tag_manager object| dataLayer boolean| _bdhm_loaded_856ae97a494043d69dfd28a50460f3a1 object| mini_tangram_log_nh118w3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.hm.baidu.com/ | Name: HMACCOUNT_BFESS Value: CA9D48D86821D2A5 |
|
.www.metamaskimg.buzz/ | Name: Hm_lvt_856ae97a494043d69dfd28a50460f3a1 Value: 1653734066 |
|
.www.metamaskimg.buzz/ | Name: Hm_lpvt_856ae97a494043d69dfd28a50460f3a1 Value: 1653734066 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
hm.baidu.com
www.metamaskimg.buzz
103.235.46.191
2606:4700:3033::6815:31b7
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
19872aaf2614d85f9cd1b5f7a11592e54073c606e97f5f31de03bc254da4fb12
201e8c7479fe65886bf5d1e2cebec0b5c0c1c18a90706fa5e7d02e89e83ab3a6
3125154a4584a1f646971e9a33c60f6a464707466cc85bd5f7da9eaeeb6571fe
52c88349bd9d45937236e20a4c9928f8a15db9dc7418436900e667b344e079c5
56d7ec9bf2e02d007178c323a7fe5f8a8cdbbada443b00e41cbee9c39bf23cea
5c4a6fe64efc5d07833c35af9630d0f9b3d4d09a63f9358e441374e9102c9e81
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
5ec720e2d3d0417d0f7e4e2f88d63e1572ee7699ff88f0e0a725a89567859c9c
6643f9327bc18e8108d0bc474eee816d0807a10dc8ad3702797e8f81f23c888b
84ea6bece58d7fd72eb4446d06d52e4b8e03eee444cb01c6b1c240eb6c412d02
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
90af37bb98146aba902ae19d013dc16ead7ea6f5050f339a5728eaf2a068c7ec
94b3185eff8d48c0db402f227d910832d0ea342b6018db0cbea95577509fd161
ba6716203b5a6f128eab828aef79dcdfeab87ec1ee605392e4a9d6955de30842
c70ad102753b3e9daff0093796d2265a4fde7be37c374e61728950c38757e016
cd70b79d81f32aa721dedf46ea682f1f0c1808d2ffe09da63730b2a01380c214
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d