metamask.cirii.co
162.241.224.140 - Malicious Activity! (Public Scan)

URL: http://metamask.cirii.co/353b124/Info.htm
Submission: On June 18 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 1 country across 2 domains to perform 12 HTTP transactions. The main IP is 162.241.224.140, located in the United States and belonging to OIS1, US. The main domain is metamask.cirii.co.
This is the only time metamask.cirii.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

Requests  IP Address       AS (Autonomous System)
11        162.241.224.140  26337 (OIS1)
1         162.241.148.128  46606 (UNIFIEDLA...)
Total: 12 requests, 2 IPs

Requests  Apex Domain         Subdomains              Transfer
11        cirii.co            metamask.cirii.co       557 KB
1         growfastorganic.in  api.growfastorganic.in  183 B
Total: 12 requests, 2 apex domains

Requests  Domain                  Requested by
11        metamask.cirii.co       metamask.cirii.co
1         api.growfastorganic.in  metamask.cirii.co
Total: 12 requests, 2 domains

This site contains links to these domains:

Domain
support.metamask.io
Subject               Issuer  Validity                 Valid
*.growfastorganic.in  R3      2022-05-06 - 2022-08-04  3 months  (crt.sh)

This page contains 1 frames:

Primary Page: http://metamask.cirii.co/353b124/Info.htm
Frame ID: 4178D7D539BEB4BB5E694151D8BC99CB
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

MetaMask

Page Statistics

Requests: 12
HTTPS: 8 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 1
Transfer: 557 kB
Size: 1276 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Columns: Resource, Path, Size, x-fer (transfer size), Type, MIME-Type
Resource: Info.htm (Primary Request)
Path: metamask.cirii.co/353b124/
Size: 13 KB
x-fer: 5 KB
Type: Document
General
Full URL
http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
e6b76ca9e44aeb121cbbe8f23bc6a95d41c42feab6df86d53a281a281510989c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
Upgrade, Keep-Alive
Content-Encoding
gzip
Content-Length
4857
Content-Type
text/html
Date
Sat, 18 Jun 2022 13:14:32 GMT
Keep-Alive
timeout=5, max=75
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Upgrade
h2,h2c
Vary
Accept-Encoding
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Resource: index.css
Path: metamask.cirii.co/353b124/style/
Size: 752 KB
x-fer: 168 KB
Type: Stylesheet
General
Full URL
http://metamask.cirii.co/353b124/style/index.css
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
f1127ec0ab64a9b6b33538b684a6dabb76c16e209fdf0d5c5f7b723125d93c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Resource: main.eba238ef.chunk.css
Path: metamask.cirii.co/353b124/style/
Size: 898 B
x-fer: 843 B
Type: Stylesheet
General
Full URL
http://metamask.cirii.co/353b124/style/main.eba238ef.chunk.css
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
6d3332575dbf8b576f8f1d6366861601d8a962f566179c21b8583ae08a13e831

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
text/css
Keep-Alive
timeout=5, max=75
Content-Length
487
Resource: bundle.js
Path: metamask.cirii.co/353b124/style/
Size: 52 KB
x-fer: 13 KB
Type: Script
General
Full URL
http://metamask.cirii.co/353b124/style/bundle.js
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
c4ee94725b477419a3960fdfdd78914425c0665b0668755122ffeb5002df4bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
application/javascript
Keep-Alive
timeout=5, max=75
Content-Length
13001
Resource: metamask-logo-horizontal.83aa0127.svg
Path: metamask.cirii.co/353b124/style/
Size: 5 KB
x-fer: 5 KB
Type: Image
General
Full URL
http://metamask.cirii.co/353b124/style/metamask-logo-horizontal.83aa0127.svg
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
a2779239ae69999a04e2e98ee5be8a282a21b41b7b4c6ce00c881ecc82fcaa50

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=75
Content-Length
5020
Resource: metamask-fox.7db94670.svg
Path: metamask.cirii.co/353b124/style/
Size: 3 KB
x-fer: 3 KB
Type: Image
General
Full URL
http://metamask.cirii.co/353b124/style/metamask-fox.7db94670.svg
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
image/svg+xml
Keep-Alive
timeout=5, max=75
Content-Length
3231
Resource: 2.6aed8c2a.chunk.js
Path: metamask.cirii.co/353b124/style/
Size: 137 KB
x-fer: 56 KB
Type: Script
General
Full URL
http://metamask.cirii.co/353b124/style/2.6aed8c2a.chunk.js
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
bb40694a558c75406abed70529e01cd8d842f86ef6e2fad0c819de7e88085222

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Type
application/javascript
Transfer-Encoding
chunked
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Resource: main.e0985ad8.chunk.js
Path: metamask.cirii.co/353b124/style/
Size: 16 KB
x-fer: 6 KB
Type: Script
General
Full URL
http://metamask.cirii.co/353b124/style/main.e0985ad8.chunk.js
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/Info.htm
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
ff73b3098a9334065dba72b07910fc8a3427eff120f72557c4f477669c00cdbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Vary
Accept-Encoding
Upgrade
h2,h2c
Connection
Upgrade, Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Content-Type
application/javascript
Keep-Alive
timeout=5, max=75
Content-Length
5753
Resource: caret-down.svg
Path: metamask.cirii.co/353b124/style/
Size: 164 B
x-fer: 452 B
Type: Image
General
Full URL
http://metamask.cirii.co/353b124/style/caret-down.svg
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/style/index.css
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
e5ca4b439e879644b1528ecc7c538a6240ee9210a16a63861a5086c15815b026

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/353b124/style/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Content-Type
image/svg+xml
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
164
Resource: /
Path: api.growfastorganic.in/MT/
Size: 0
x-fer: 183 B
Type: Image
General
Full URL
https://api.growfastorganic.in/MT/
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/style/index.css
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
162.241.148.128, United States, ASN46606 (UNIFIEDLAYER-AS-1, US)
Reverse DNS
162-241-148-128.unifiedlayer.com
Software
Apache
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://metamask.cirii.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 18 Jun 2022 13:14:33 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8
Resource: EuclidCircularB-Regular-WebXL.ttf
Path: metamask.cirii.co/353b124/style/
Size: 151 KB
x-fer: 151 KB
Type: Font
General
Full URL
http://metamask.cirii.co/353b124/style/EuclidCircularB-Regular-WebXL.ttf
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/style/index.css
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
08b11e464af41dc1764715793aee5078e632b68606feb061b996f3ff8be7401c

Request headers

Referer
http://metamask.cirii.co/353b124/style/index.css
Origin
http://metamask.cirii.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Content-Type
font/ttf
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=73
Content-Length
154192
Resource: EuclidCircularB-Bold-WebXL.ttf
Path: metamask.cirii.co/353b124/style/
Size: 147 KB
x-fer: 148 KB
Type: Font
General
Full URL
http://metamask.cirii.co/353b124/style/EuclidCircularB-Bold-WebXL.ttf
Requested by
Host: metamask.cirii.co
URL: http://metamask.cirii.co/353b124/style/index.css
Protocol
HTTP/1.1
Server
162.241.224.140, United States, ASN26337 (OIS1, US)
Reverse DNS
box5189.bluehost.com
Software
Apache
Resource Hash
df4f17393abc2d0e8ea15d6b55644cfdee10d34445d6c26204f427554f3754de

Request headers

Referer
http://metamask.cirii.co/353b124/style/index.css
Origin
http://metamask.cirii.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Sat, 18 Jun 2022 13:14:32 GMT
Last-Modified
Fri, 27 May 2022 00:01:58 GMT
Server
Apache
Accept-Ranges
bytes
Content-Type
font/ttf
Connection
Keep-Alive
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
Keep-Alive
timeout=5, max=74
Content-Length
150928

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object    oncontextlost
object    oncontextrestored
function  structuredClone
object    launchQueue
object    onbeforematch
object    navigation
object    webpackJsonpmetamask
object    regeneratorRuntime

0 Cookies