support.metamask.c2350978.ferozo.com Open in urlscan Pro
188.225.34.142  Malicious Activity! Public Scan

26 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
22 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request home.html Show response support.metamask.c2350978.ferozo.com/Wallet/portal/42805/	2 MB 1007 KB	1811ms 50ms	Document text/html	188.225.34.142 TIMEWEB-AS
General Check archive.org Show headers Download Go to Full URL https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html Protocol H2 Security TLS 1.3, , AES_256_GCM Server 188.225.34.142 , Russian Federation, ASN9123 (TIMEWEB-AS, RU), Reverse DNS 822267-cu26950.tmweb.ru Software nginx / Resource Hash 2a703860b714b5f050b28e595b8ca3caa8b895582092dcc0cde8f18e21696a94 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers server nginx date Fri, 18 Mar 2022 13:09:56 GMT content-type text/html last-modified Fri, 18 Mar 2022 10:49:45 GMT vary Accept-Encoding etag W/"623463c9-1d31be" strict-transport-security max-age=31536000 content-encoding gzip
GET DATA	200 OK	truncated /	12 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	178 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8219d614dac0bfcd872cc52b1c919351b4bc1fa8d5850fbb3b9d5f751411e459 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated /	44 KB 44 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b Request headers Referer Origin https://support.metamask.c2350978.ferozo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845 Request headers Referer Origin https://support.metamask.c2350978.ferozo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET DATA	200 OK	truncated /	44 KB 44 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df Request headers Referer Origin https://support.metamask.c2350978.ferozo.com Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated /	36 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	36 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	28 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	14 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	42 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	11 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	8 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	6 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	7 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	10 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	139 KB 0		Image image/webp
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 8a3f8a21d1aa784477a6c23c7ead413b6c67450550036f410f368bf042ae5203 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/webp
GET DATA	200 OK	truncated / Frame 207B	175 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated / Frame 207B	3 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 73360daef1e2781c6fe96e9150f10f2e4bbfe239940e15aa93cad4a901e10ce7 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated / Frame 207B	81 KB 0		Image image/jpeg
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d7fd5afdd732dcfc52b067c4948158f4a6db333bdc18035bd79b03544c1e9c04 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/jpeg
GET DATA	200 OK	truncated / Frame 207B	10 KB 10 KB		Font font/woff2
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280 Request headers Referer Origin null Accept-Language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type font/woff2
GET DATA	200 OK	truncated / Frame 207B	327 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c05b74a7e5c603e06b47126f184675dc2cf3283c8e1a1d1dc97d2dd49fd59620 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	YVgfHZMFFFQ www.youtube.com/embed/ Frame 207B	0 0	87ms 59ms	Image text/html	2a00:1450:4001:810::200e GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.youtube.com/embed/YVgfHZMFFFQ Requested by Host: srcdoc URL: about:srcdoc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Accept-Language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36 Response headers

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| structuredClone object| oncontextlost object| oncontextrestored function| savepage_ShadowLoader

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: ukMoZhMBqKo
			.youtube.com/	1970-01-20 05:59:20	Name: VISITOR_INFO1_LIVE Value: z5pNdDACEJs

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3580) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3581) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3582) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3583) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3584) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3585) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3586) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3587) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3588) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3589) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://support.metamask.c2350978.ferozo.com/Wallet/portal/42805/home.html(Line 3590) Message: <link rel=preload> has an invalid `href` value

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

support.metamask.c2350978.ferozo.com
www.youtube.com
188.225.34.142
2a00:1450:4001:810::200e
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
20a34c84f82590d99a060210ea362878975f21cfd65c3a70c54e7fb99dce1f76
29db12a282df5639db8fa232831bbe9a7220884eecf79f1776f1b27237a4597c
2a703860b714b5f050b28e595b8ca3caa8b895582092dcc0cde8f18e21696a94
4352380f92ce7f9a4a4a23306b992bed10055dbfffe90987cc72083e583fc280
506d6d9d5ad22253976f2906bbf141c94d19eb15466ed62b8c6cfb887bf07b55
517c0c6b44ede59070fb138aab7e875b9c230a227295f9612c32dabb9b0bdb13
596228062de19a21cfda4d3129b3a5d397c5a71509e096b8f67fb8c4f22aa56d
5e722754f038988ba4b6d7f380d60191eba3b6e01d4a00749a28b79c53521f5b
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
7077eb7da3a6f399014d67a1032ab6d67f099055a1a2594cb4753022b843dc43
73360daef1e2781c6fe96e9150f10f2e4bbfe239940e15aa93cad4a901e10ce7
7faefc7f99e94d6251527c95794a5fdfb3e644baf25ae56f4e13afd125246421
8219d614dac0bfcd872cc52b1c919351b4bc1fa8d5850fbb3b9d5f751411e459
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8a3f8a21d1aa784477a6c23c7ead413b6c67450550036f410f368bf042ae5203
8ba2b37fd4f2f3c19c10109bc6111d3d71692c78f9351f1eb2a8cab5231b77b5
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
ad0237265584181a6797c454ca123aa5d3df08001ae39b27bddfc66856b6751b
c05b74a7e5c603e06b47126f184675dc2cf3283c8e1a1d1dc97d2dd49fd59620
c62a1f30cdb6aff5eafdfccb45383032e61bf70aa0573572a4428347a1b5b116
d7fd5afdd732dcfc52b067c4948158f4a6db333bdc18035bd79b03544c1e9c04
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f0d7356ee903d26301b8960783f70c108efc0382f20c804e0d09872a5443ce96