metamask.cirii.co
Open in
urlscan Pro
162.241.224.140
Malicious Activity!
Public Scan
Submission: On May 27 via manual from PL — Scanned from DE
Summary
This is the only time metamask.cirii.co was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Metamask (Crypto)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
11 | 162.241.224.140 162.241.224.140 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 | 162.241.148.128 162.241.148.128 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
12 | 2 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: box5189.bluehost.com
metamask.cirii.co |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-148-128.unifiedlayer.com
api.growfastorganic.in |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
cirii.co
metamask.cirii.co |
557 KB |
1 |
growfastorganic.in
api.growfastorganic.in |
183 B |
12 | 2 |
Domain | Requested by | |
---|---|---|
11 | metamask.cirii.co |
metamask.cirii.co
|
1 | api.growfastorganic.in |
metamask.cirii.co
|
12 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
support.metamask.io |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.growfastorganic.in R3 |
2022-05-06 - 2022-08-04 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://metamask.cirii.co/af645ea/Info.htm
Frame ID: 869546C0A736B9CB3B26A9A043D87D73
Requests: 12 HTTP requests in this frame
1 Outgoing links
These are links going to different origins than the main page.
Title: MetaMask Support
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Info.htm
metamask.cirii.co/af645ea/ |
13 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.css
metamask.cirii.co/af645ea/style/ |
752 KB 168 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.eba238ef.chunk.css
metamask.cirii.co/af645ea/style/ |
898 B 843 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bundle.js
metamask.cirii.co/af645ea/style/ |
52 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
metamask-logo-horizontal.83aa0127.svg
metamask.cirii.co/af645ea/style/ |
5 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
metamask-fox.7db94670.svg
metamask.cirii.co/af645ea/style/ |
3 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.6aed8c2a.chunk.js
metamask.cirii.co/af645ea/style/ |
137 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
main.e0985ad8.chunk.js
metamask.cirii.co/af645ea/style/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
caret-down.svg
metamask.cirii.co/af645ea/style/ |
164 B 452 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EuclidCircularB-Regular-WebXL.ttf
metamask.cirii.co/af645ea/style/ |
151 KB 151 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
EuclidCircularB-Bold-WebXL.ttf
metamask.cirii.co/af645ea/style/ |
147 KB 148 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
api.growfastorganic.in/MT/ |
0 183 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Metamask (Crypto)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch object| navigation object| webpackJsonpmetamask object| regeneratorRuntime0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.growfastorganic.in
metamask.cirii.co
162.241.148.128
162.241.224.140
08b11e464af41dc1764715793aee5078e632b68606feb061b996f3ff8be7401c
6d3332575dbf8b576f8f1d6366861601d8a962f566179c21b8583ae08a13e831
a2779239ae69999a04e2e98ee5be8a282a21b41b7b4c6ce00c881ecc82fcaa50
b855851451c3eb7220bc7331d6cf7f19dad4580ebc35610211f028848ba7fc34
bb40694a558c75406abed70529e01cd8d842f86ef6e2fad0c819de7e88085222
c4ee94725b477419a3960fdfdd78914425c0665b0668755122ffeb5002df4bdc
df4f17393abc2d0e8ea15d6b55644cfdee10d34445d6c26204f427554f3754de
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ca4b439e879644b1528ecc7c538a6240ee9210a16a63861a5086c15815b026
e6b76ca9e44aeb121cbbe8f23bc6a95d41c42feab6df86d53a281a281510989c
f1127ec0ab64a9b6b33538b684a6dabb76c16e209fdf0d5c5f7b723125d93c2f
ff73b3098a9334065dba72b07910fc8a3427eff120f72557c4f477669c00cdbf