metamask.cirii.co Open in urlscan Pro
162.241.224.140  Malicious Activity! Public Scan

URL: https://metamask.cirii.co/5d959e0/Info.htm
Submission: On May 27 via automatic, source openphish — Scanned from DE

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 12 HTTP transactions. The main IP is 162.241.224.140, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is metamask.cirii.co.
TLS certificate: Issued by R3 on May 22nd 2022. Valid for: 3 months.
This is the only time metamask.cirii.co was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
11 162.241.224.140 46606 (UNIFIEDLA...)
1 162.241.148.128 46606 (UNIFIEDLA...)
12 2
Apex Domain
Subdomains
Transfer
11 cirii.co
metamask.cirii.co
557 KB
1 growfastorganic.in
api.growfastorganic.in
182 B
12 2
Domain Requested by
11 metamask.cirii.co metamask.cirii.co
1 api.growfastorganic.in metamask.cirii.co
12 2

This site contains links to these domains. Also see Links.

Domain
support.metamask.io
Subject Issuer Validity Valid
metamask.cirii.co
R3
2022-05-22 -
2022-08-20
3 months crt.sh
*.growfastorganic.in
R3
2022-05-06 -
2022-08-04
3 months crt.sh

This page contains 1 frames:

Primary Page: https://metamask.cirii.co/5d959e0/Info.htm
Frame ID: 9479BA1D8A7FF4CF8F4657A59FF5EB67
Requests: 12 HTTP requests in this frame

Screenshot

Page Title

MetaMask

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

558 kB
Transfer

1276 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Info.htm
metamask.cirii.co/5d959e0/
13 KB
5 KB
Document
General
Full URL
https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
e6b76ca9e44aeb121cbbe8f23bc6a95d41c42feab6df86d53a281a281510989c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
4857
content-type
text/html
date
Fri, 27 May 2022 13:06:41 GMT
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
vary
Accept-Encoding
index.css
metamask.cirii.co/5d959e0/style/
752 KB
169 KB
Stylesheet
General
Full URL
https://metamask.cirii.co/5d959e0/style/index.css
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
f1127ec0ab64a9b6b33538b684a6dabb76c16e209fdf0d5c5f7b723125d93c2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 13:06:41 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
main.eba238ef.chunk.css
metamask.cirii.co/5d959e0/style/
898 B
527 B
Stylesheet
General
Full URL
https://metamask.cirii.co/5d959e0/style/main.eba238ef.chunk.css
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
6d3332575dbf8b576f8f1d6366861601d8a962f566179c21b8583ae08a13e831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 13:06:41 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
487
bundle.js
metamask.cirii.co/5d959e0/style/
52 KB
13 KB
Script
General
Full URL
https://metamask.cirii.co/5d959e0/style/bundle.js
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
c4ee94725b477419a3960fdfdd78914425c0665b0668755122ffeb5002df4bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 13:06:41 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
13001
metamask-logo-horizontal.83aa0127.svg
metamask.cirii.co/5d959e0/style/
5 KB
5 KB
Image
General
Full URL
https://metamask.cirii.co/5d959e0/style/metamask-logo-horizontal.83aa0127.svg
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
a2779239ae69999a04e2e98ee5be8a282a21b41b7b4c6ce00c881ecc82fcaa50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
date
Fri, 27 May 2022 13:06:41 GMT
content-length
5020
content-type
image/svg+xml
metamask-fox.7db94670.svg
metamask.cirii.co/5d959e0/style/
3 KB
3 KB
Image
General
Full URL
https://metamask.cirii.co/5d959e0/style/metamask-fox.7db94670.svg
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
date
Fri, 27 May 2022 13:06:41 GMT
content-length
3231
content-type
image/svg+xml
2.6aed8c2a.chunk.js
metamask.cirii.co/5d959e0/style/
137 KB
56 KB
Script
General
Full URL
https://metamask.cirii.co/5d959e0/style/2.6aed8c2a.chunk.js
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
bb40694a558c75406abed70529e01cd8d842f86ef6e2fad0c819de7e88085222

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 13:06:41 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
main.e0985ad8.chunk.js
metamask.cirii.co/5d959e0/style/
16 KB
6 KB
Script
General
Full URL
https://metamask.cirii.co/5d959e0/style/main.e0985ad8.chunk.js
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/Info.htm
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
ff73b3098a9334065dba72b07910fc8a3427eff120f72557c4f477669c00cdbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/Info.htm
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date
Fri, 27 May 2022 13:06:41 GMT
content-encoding
gzip
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
5753
caret-down.svg
metamask.cirii.co/5d959e0/style/
164 B
218 B
Image
General
Full URL
https://metamask.cirii.co/5d959e0/style/caret-down.svg
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/style/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
e5ca4b439e879644b1528ecc7c538a6240ee9210a16a63861a5086c15815b026

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/5d959e0/style/index.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
date
Fri, 27 May 2022 13:06:42 GMT
content-length
164
content-type
image/svg+xml
/
api.growfastorganic.in/MT/
0
182 B
Image
General
Full URL
https://api.growfastorganic.in/MT/
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/style/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.148.128 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
162-241-148-128.unifiedlayer.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://metamask.cirii.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 27 May 2022 13:06:42 GMT
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
server
Apache
content-length
0
content-type
text/html; charset=UTF-8
EuclidCircularB-Regular-WebXL.ttf
metamask.cirii.co/5d959e0/style/
151 KB
152 KB
Font
General
Full URL
https://metamask.cirii.co/5d959e0/style/EuclidCircularB-Regular-WebXL.ttf
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/style/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
08b11e464af41dc1764715793aee5078e632b68606feb061b996f3ff8be7401c

Request headers

Referer
https://metamask.cirii.co/5d959e0/style/index.css
Origin
https://metamask.cirii.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
date
Fri, 27 May 2022 13:06:42 GMT
content-length
154192
content-type
font/ttf
EuclidCircularB-Bold-WebXL.ttf
metamask.cirii.co/5d959e0/style/
147 KB
148 KB
Font
General
Full URL
https://metamask.cirii.co/5d959e0/style/EuclidCircularB-Bold-WebXL.ttf
Requested by
Host: metamask.cirii.co
URL: https://metamask.cirii.co/5d959e0/style/index.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.241.224.140 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS
box5189.bluehost.com
Software
Apache /
Resource Hash
df4f17393abc2d0e8ea15d6b55644cfdee10d34445d6c26204f427554f3754de

Request headers

Referer
https://metamask.cirii.co/5d959e0/style/index.css
Origin
https://metamask.cirii.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

accept-ranges
bytes
last-modified
Thu, 26 May 2022 20:25:13 GMT
server
Apache
host-header
c2hhcmVkLmJsdWVob3N0LmNvbQ==
date
Fri, 27 May 2022 13:06:42 GMT
content-length
150928
content-type
font/ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| webpackJsonpmetamask object| regeneratorRuntime

0 Cookies