metamaskv.cc Open in urlscan Pro
103.164.62.38 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://metamaskv.cc/metamask.php
Submission: On February 02 via api (February 2nd 2023, 4:09:38 am UTC) from JP — Scanned from JP

Summary HTTP 7 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 7 HTTP transactions. The main IP is 103.164.62.38, located in Hong Kong and belongs to HFTCL-AS-AP High Family Technology Co., Limited, HK. The main domain is metamaskv.cc.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on January 31st 2023. Valid for: a year.

This is the only time metamaskv.cc was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

	IP Address		AS Autonomous System
7	103.164.62.38 103.164.62.38		142032 (HFTCL-AS-...) (HFTCL-AS-AP High Family Technology Co.)
7	2

7 103.164.62.38 (Hong Kong)

ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK)

metamaskv.cc	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	metamaskv.cc metamaskv.cc	398 KB
7	1

	Domain	Requested by
7	metamaskv.cc	metamaskv.cc
7	1

This site contains no links.

Subject Issuer	Validity	Valid
metamaskv.cc Sectigo RSA Domain Validation Secure Server CA	`2023-01-31` - `2024-01-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://metamaskv.cc/metamask.php
Frame ID: AF6B4D5CE98460AD6B4EDAE04DFCBA1A
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

A crypto wallet &gateway to blockchain apps | MetaMask

Detected technologies

Gatsby (Static Site Generator) Expand

Overall confidence: 100%
Detected patterns

<div id="___gatsby">

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

400 kB
Transfer

568 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request metamask.php Show response metamaskv.cc/	29 KB 5 KB	219ms 68ms	Document text/html	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Full URL https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / PHP/5.6.40 Resource Hash `decaafe858f94ba36404284b5cf33ca351e8c103975e0ca6a035145fefb0e589` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 accept-language jp-JP,jp;q=0.9 Response headers content-encoding gzip content-length 5313 content-type text/html; charset=UTF-8 date Thu, 02 Feb 2023 04:09:33 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a vary Accept-Encoding x-powered-by PHP/5.6.40
GET H2	200	style.css metamaskv.cc/static/css/	105 KB 18 KB	70ms 69ms	Stylesheet text/css	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Full URL https://metamaskv.cc/static/css/style.css Requested by Host: metamaskv.cc URL: https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / Resource Hash `a2999a9cc4a84eb0bc3800db39e7b7785f6cbdbe208789da96870bd24465535b` Request headers accept-language jp-JP,jp;q=0.9 Referer https://metamaskv.cc/metamask.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 02 Feb 2023 04:09:33 GMT content-encoding gzip last-modified Sat, 03 Sep 2022 13:05:16 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a etag "1a5b8-5e7c57f6d5b00-gzip" vary Accept-Encoding content-type text/css accept-ranges bytes content-length 18258
GET H2	200	EuclidCircularB-Regular-WebXL.woff2 metamaskv.cc/static/fonts/	44 KB 45 KB	141ms 140ms	Font application/octet-stream	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Full URL https://metamaskv.cc/static/fonts/EuclidCircularB-Regular-WebXL.woff2 Requested by Host: metamaskv.cc URL: https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / Resource Hash `8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b` Request headers Referer https://metamaskv.cc/metamask.php Origin https://metamaskv.cc accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 02 Feb 2023 04:09:33 GMT content-encoding gzip last-modified Fri, 02 Sep 2022 14:16:44 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a etag "b08c-5e7b2612bab00-gzip" vary Accept-Encoding accept-ranges bytes content-length 45224
GET H2	200	EuclidCircularB-Bold-WebXL.woff2 metamaskv.cc/static/fonts/	44 KB 44 KB	141ms 140ms	Font application/octet-stream	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Full URL https://metamaskv.cc/static/fonts/EuclidCircularB-Bold-WebXL.woff2 Requested by Host: metamaskv.cc URL: https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / Resource Hash `88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df` Request headers Referer https://metamaskv.cc/metamask.php Origin https://metamaskv.cc accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 02 Feb 2023 04:09:33 GMT content-encoding gzip last-modified Fri, 02 Sep 2022 14:17:50 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a etag "ae00-5e7b2651abf80-gzip" vary Accept-Encoding accept-ranges bytes content-length 44572
GET H2	200	jquery.js Show response metamaskv.cc/static/js/	90 KB 32 KB	296ms 295ms	Script application/javascript	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Full URL https://metamaskv.cc/static/js/jquery.js Requested by Host: metamaskv.cc URL: https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / Resource Hash `c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4` Request headers accept-language jp-JP,jp;q=0.9 Referer https://metamaskv.cc/metamask.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 02 Feb 2023 04:09:33 GMT content-encoding gzip last-modified Tue, 14 Aug 2018 12:22:58 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a etag "169d5-57364452c2c80-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 32775
GET H2	200	script.js Show response metamaskv.cc/static/js/	2 KB 930 B	297ms 296ms	Script application/javascript	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Full URL https://metamaskv.cc/static/js/script.js Requested by Host: metamaskv.cc URL: https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / Resource Hash `1fcf1e8982314a7c61456b554984d17abf2790534e7a09f80bb1b863354ab1c8` Request headers accept-language jp-JP,jp;q=0.9 Referer https://metamaskv.cc/metamask.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 02 Feb 2023 04:09:33 GMT content-encoding gzip last-modified Sat, 03 Sep 2022 13:28:32 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a etag "85c-5e7c5d2a2a000-gzip" vary Accept-Encoding content-type application/javascript accept-ranges bytes content-length 854
GET DATA	200 OK	truncated /	2 KB 2 KB		Font application/x-font-ttf
General Check archive.org Show headers Download Go to Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845` Request headers Referer Origin https://metamaskv.cc accept-language jp-JP,jp;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers Content-Type application/x-font-ttf;charset=utf-8
GET H2	200	swaps-header2.png metamaskv.cc/static/img/	251 KB 253 KB	109ms 109ms	Image image/png	103.164.62.38 HFTCL-AS-AP High ...
General Check archive.org Show headers Download Go to Show image Full URL https://metamaskv.cc/static/img/swaps-header2.png Requested by Host: metamaskv.cc URL: https://metamaskv.cc/metamask.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 103.164.62.38 , Hong Kong, ASN142032 (HFTCL-AS-AP High Family Technology Co., Limited, HK), Reverse DNS Software Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a / Resource Hash `a319de845f62189895cc3c180d7eec7188b70102d5e1d623a926140bee5b9672` Request headers accept-language jp-JP,jp;q=0.9 Referer https://metamaskv.cc/metamask.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36 Response headers date Thu, 02 Feb 2023 04:09:34 GMT last-modified Sat, 03 Sep 2022 05:46:42 GMT server Apache/2.4.54 (Win64) OpenSSL/1.1.1p mod_fcgid/2.3.9a accept-ranges bytes etag "3ed70-5e7bf5efd9480" content-length 257392 content-type image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			metamaskv.cc/	1970-01-20 09:23:17	Name: skinmode Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

metamaskv.cc
103.164.62.38
05dae8fbb96f3675f8b2981e8ead256a0f74ccba053fb08396c9a5fe99c54845
1fcf1e8982314a7c61456b554984d17abf2790534e7a09f80bb1b863354ab1c8
88fad87880ae6bb0d733c967419d5f0d68da547a88ad67e7af41f18dae2e20df
8ff3b303322168b49a14878f195dbaf76d9da16e35094d1f83fa23245450155b
a2999a9cc4a84eb0bc3800db39e7b7785f6cbdbe208789da96870bd24465535b
a319de845f62189895cc3c180d7eec7188b70102d5e1d623a926140bee5b9672
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
decaafe858f94ba36404284b5cf33ca351e8c103975e0ca6a035145fefb0e589

metamaskv.cc Open in urlscan Pro 103.164.62.38 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

7 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

2 IPs

1 Countries

400 kBTransfer

568 kBSize

1 Cookies

0 Outgoing links

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

9 JavaScript Global Variables

1 Cookies

Indicators

metamaskv.cc Open in urlscan Pro
103.164.62.38 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

400 kB
Transfer

568 kB
Size

1
Cookies

7 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!