b.metamask-etc.com
137.220.185.28  Malicious Activity! Public Scan

Submitted URL: http://b.metamask-etc.com/
Effective URL: https://b.metamask-etc.com/
Submission: On March 11 via api from US — Scanned from US

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 11 HTTP transactions. The main IP is 137.220.185.28, located in Tokyo, Japan and belongs to BCPL-SG BGPNET Global ASN, SG. The main domain is b.metamask-etc.com.
TLS certificate: Issued by R3 on March 11th 2022. Valid for: 3 months.
This is the only time b.metamask-etc.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Metamask (Crypto)

Domain & IP information

IP Address AS Autonomous System
1 11 137.220.185.28 64050 (BCPL-SG B...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
Apex Domain | Subdomains | Transfer
11 metamask-etc.com | b.metamask-etc.com | 739 KB
1 jsdelivr.net | cdn.jsdelivr.net — Cisco Umbrella Rank: 403 | 91 KB
Domain Requested by
11 b.metamask-etc.com 1 redirects b.metamask-etc.com
1 cdn.jsdelivr.net b.metamask-etc.com

This site contains no links.

Subject | Issuer | Validity | Valid
b.metamask-etc.com | R3 | 2022-03-11 - 2022-06-09 | 3 months
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-07-03 - 2022-07-02 | a year

This page contains 1 frame:

Primary Page: https://b.metamask-etc.com/
Frame ID: 58BEB00D1320CD5783B5A395DD932A2D
Requests: 11 HTTP requests in this frame

Page Title

MetaMask

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/vue(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

11 Requests
100 % HTTPS
50 % IPv6
2 Domains
2 Subdomains
2 IPs
2 Countries
830 kB Transfer
3022 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://b.metamask-etc.com/ HTTP 301
    https://b.metamask-etc.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Resource: Primary Request /
Path: b.metamask-etc.com/
Redirect Chain
  • http://b.metamask-etc.com/
  • https://b.metamask-etc.com/
Size: 28 KB
x-fer: 5 KB
Type: Document
General
Full URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 377dc759e1a9a1d58bd73d502e79f60bdbe81b3f5e7151e42193e2167ff4d2b4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: en-US,en;q=0.9

Response headers

server: nginx
date: Fri, 11 Mar 2022 12:36:34 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000
content-encoding: gzip

Redirect headers

Server: nginx
Date: Fri, 11 Mar 2022 12:36:33 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://b.metamask-etc.com/
Strict-Transport-Security: max-age=31536000

Resource: index.css
Path: b.metamask-etc.com/css/
Size: 954 KB
x-fer: 183 KB
Type: Stylesheet
General
Full URL: https://b.metamask-etc.com/css/index.css
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 19324d682dcf38dc4301051c406da335763f2ae3b1cbf08584acd910cfafc1e7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: gzip
last-modified: Sat, 05 Mar 2022 15:08:44 GMT
server: nginx
etag: W/"62237cfc-ee893"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:35 GMT

Resource: index-rtl.css
Path: b.metamask-etc.com/css/
Size: 954 KB
x-fer: 182 KB
Type: Stylesheet
General
Full URL: https://b.metamask-etc.com/css/index-rtl.css
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: e4890da9e8c741224ca9fe664f950c51d613d4f3b8f0fd641e884c20c3a4d49e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: gzip
last-modified: Sun, 06 Mar 2022 09:14:44 GMT
server: nginx
etag: W/"62247b84-ee7a2"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:35 GMT

Resource: index.css
Path: b.metamask-etc.com/static/common/js/vant/
Size: 141 KB
x-fer: 47 KB
Type: Stylesheet
General
Full URL: https://b.metamask-etc.com/static/common/js/vant/index.css
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 03f2a27c6e38c3e8e38b294c2d0c3536b989ff6285388172542b4bedf10291d5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: gzip
last-modified: Sun, 05 Dec 2021 06:10:48 GMT
server: nginx
etag: W/"61ac57e8-2343f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:35 GMT

Resource: vue.min.js
Path: b.metamask-etc.com/static/common/js/vue/
Size: 92 KB
x-fer: 38 KB
Type: Script
General
Full URL: https://b.metamask-etc.com/static/common/js/vue/vue.min.js
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: e6e28a8fb9b74533ece152229dafcc3ebc0f4b3dcd62879df115706bce55927d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: gzip
last-modified: Sun, 05 Dec 2021 06:20:02 GMT
server: nginx
etag: W/"61ac5a12-16fcc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:35 GMT

Resource: jquery.js
Path: b.metamask-etc.com/static/common/js/jquery/
Size: 84 KB
x-fer: 33 KB
Type: Script
General
Full URL: https://b.metamask-etc.com/static/common/js/jquery/jquery.js
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 2a1f1370eb7b24a307312112427dfd544fb838a8bef66babc936f5e870a22e52
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: gzip
last-modified: Sun, 05 Dec 2021 06:19:50 GMT
server: nginx
etag: W/"61ac5a06-15147"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:35 GMT

Resource: vue.js
Path: cdn.jsdelivr.net/npm/vue@2.6.14/dist/
Size: 336 KB
x-fer: 91 KB
Type: Script
General
Full URL: https://cdn.jsdelivr.net/npm/vue@2.6.14/dist/vue.js
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5514 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 69b75483b270421e1a89426dd59387ba090772313561c3e9fa415396a78e8936
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 187029
x-jsd-version: 2.6.14
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19160-FRA, cache-lga21937-LGA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"53fc9-Jp9Vk24Ybv0rJ6ZZ5HLpQ6vP7ig"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 6ea45627bf66d15b-BUF

Resource: vant.min.js
Path: b.metamask-etc.com/static/common/js/vant/
Size: 270 KB
x-fer: 91 KB
Type: Script
General
Full URL: https://b.metamask-etc.com/static/common/js/vant/vant.min.js
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 64907943ad200eba70a44fb13c6201041d3dcaf18a8ee764763a8c93a2b480e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:35 GMT
content-encoding: gzip
last-modified: Sun, 05 Dec 2021 06:10:40 GMT
server: nginx
etag: W/"61ac57e0-436d0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:35 GMT

Resource: hlt.png
Path: b.metamask-etc.com/images/
Size: 8 KB
x-fer: 8 KB
Type: Image
General
Full URL: https://b.metamask-etc.com/images/hlt.png
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: ac7b250026c73e3cb3e2a4afafe0e063c0e8ef5b75a1b0b5c9c17067dede6766
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:37 GMT
last-modified: Wed, 12 Jan 2022 13:16:35 GMT
server: nginx
etag: "61ded4b3-1efe"
strict-transport-security: max-age=31536000
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 7934
expires: Sun, 10 Apr 2022 12:36:37 GMT

Resource: carousel.min.css
Path: b.metamask-etc.com/css/react-gallery/
Size: 5 KB
x-fer: 2 KB
Type: Stylesheet
General
Full URL: https://b.metamask-etc.com/css/react-gallery/carousel.min.css
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 27b7077f95f4e8b355a581630ed3c42c9915b24038e172fab346714584ad96b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language: en-US,en;q=0.9
Referer: https://b.metamask-etc.com/css/index.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:36 GMT
content-encoding: gzip
last-modified: Sat, 05 Mar 2022 15:32:01 GMT
server: nginx
etag: W/"62238271-1492"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=43200
strict-transport-security: max-age=31536000
expires: Sat, 12 Mar 2022 00:36:36 GMT

Resource: EuclidCircularB-Regular-WebXL.ttf
Path: b.metamask-etc.com/css/fonts/Euclid/
Size: 151 KB
x-fer: 151 KB
Type: Font
General
Full URL: https://b.metamask-etc.com/css/fonts/Euclid/EuclidCircularB-Regular-WebXL.ttf
Requested by
Host: b.metamask-etc.com
URL: https://b.metamask-etc.com/css/index.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 137.220.185.28 Tokyo, Japan, ASN64050 (BCPL-SG BGPNET Global ASN, SG),
Reverse DNS:
Software: nginx /
Resource Hash: 08b11e464af41dc1764715793aee5078e632b68606feb061b996f3ff8be7401c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer: https://b.metamask-etc.com/css/index.css
Origin: https://b.metamask-etc.com
Accept-Language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 11 Mar 2022 12:36:37 GMT
last-modified: Sun, 06 Mar 2022 09:11:12 GMT
server: nginx
etag: "62247ab0-25a50"
strict-transport-security: max-age=31536000
content-type: application/octet-stream
accept-ranges: bytes
content-length: 154192

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Metamask (Crypto)

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • function| structuredClone
  • object| oncontextlost
  • object| oncontextrestored
  • function| Vue
  • function| $
  • function| jQuery
  • object| vant
  • undefined| t
  • undefined| t3
  • undefined| t4
  • undefined| _that
  • object| app5
  • function| link
  • function| setLang

1 Cookies

Domain/Path | Name / Value
b.metamask-etc.com/ | Name: think_var, Value: ja

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000