DANGEROUS

Crypto scam / wallet-drainer

14 of 92 antivirus engines flag this page (14 outright malicious). Signals match fake investment platforms and wallet drainers. Never connect a wallet, paste a seed phrase, or deposit crypto here.

Security Review

Is etherscan-cm.github.io legit or a scam?

Our verdict:Dangerous· 1/100

Fake Etherscan clone on a brand-new GitHub Pages domain flagged by BitDefender, CyRadar, and five other engines.

etherscan-cm.github.ioScanned 16h ago
0
Trust score
DANGEROUS
Score breakdown
Heuristics 0·MT 15
Category tags
phishingcrypto#phishing#clone site#crypto fraud90% MT confidence
Technical red flags (2)
14 of 92 engines flaggedDomain is 0 days old
Warning signals (1)
Scam-network signals (35/100)
Positive signals (3)
Not on major blacklistsEncrypted connectionClean server reputation

These checks passed — but they don't clear the site. A clean antivirus result, valid SSL, and a calm server only mean it isn't hosting malware; they say nothing about whether the business is real. This verdict is based on the site's conduct and content, not a malware detection.

View density

Analysis Summary

Threat Intelligence
14/92
Engines flagged this URL
Domain Age
0 days old
Registration date unknown
Intelligence
Dangerous
High likelihood · 90% confidence

Website Preview

Screenshot of etherscan-cm.github.io
LIVE RENDER
etherscan-cm.github.io

Automated page render — captured in a safe sandbox. What an ordinary visitor would see when loading the site.

Intelligence

Advanced threat intelligence
Analysis
High scam likelihoodengineMT · Guardiantrust15/100
MT AgentLive web researchVisual inspectionNetwork correlation
0%
Confidence
The site copies the Etherscan name, title, and block-explorer copy verbatim while running on etherscan-cm.github.io. That domain registered today and already triggers 14 detections including BitDefender, CyRadar, Emsisoft, and Fortinet. The hosting IP shows 12 abuse reports and the page contains no email, phone, or address. External resources load from the real etherscan.io, confirming the impersonation pattern. These signals together point to a credential-harvesting or wallet-drainer operation rather than a legitimate explorer.
Full dossier
Analysis complete

Page Content

The page displays the exact Etherscan title and lengthy marketing text about transaction tracking, address lookup, and smart-contract interaction. No login form, contact details, or company information appears anywhere on the page. External scripts and fonts are pulled from etherscan.io, mobirise.com, and Google Fonts, creating a convincing visual clone.

Infrastructure

The site runs on GitHub Pages at IP 185.199.111.153 with a valid Let's Encrypt certificate that expires in 57 days. The IP carries an abuse score of 13/100 and 12 prior abuse reports. Our antivirus network returned 14 malicious flags out of 92 engines, naming ADMINUSLabs, BitDefender, ChainPatrol, CyRadar, Emsisoft, and Fortinet.

Domain History

The domain etherscan-cm.github.io registered today and shows zero days of history. No business registration or ownership details are present. The subdomain pattern using a hyphenated variation of the real brand is a common tactic for impersonation sites.

Web Reputation

No traffic ranking exists and independent review aggregators returned no data. The combination of a zero-day domain, multiple engine detections, and copied branding indicates the site has not operated long enough to accumulate legitimate reputation.

What this means for you

Entering any wallet credentials or approving transactions on this page would send data to the attacker. Avoid the site entirely and use only the official etherscan.io domain.

Risk Factors
5
  • Domain registered today with no operational history.
  • 14 of 92 engines flag the page as malicious or phishing.
  • Exact copy of Etherscan branding and marketing text.
  • Zero contact information or verifiable business details.
  • Hosting IP already linked to 12 abuse reports.
AI Recommendation
Do not visit or interact with this page. Always type etherscan.io directly instead of clicking links.
Next-gen fraud intelligence
Evidence-backedCross-checked

Web Research Findings

Our live research agent queries scam-report databases, consumer-review sites, news coverage, and general web search for etherscan-cm.github.io, then cross-checks business-registration records and look-alike domain patterns. Everything below is pulled from what it actually found.

Web mentions
No scam reports found
No complaints, no negative coverage turned up in our sweep.

We searched scam-report databases, consumer-review sites, and general web sources for etherscan-cm.github.io and did not find scam reports, complaints, or impersonation signals. The domain age, registration record and aggregator reviews shown above are consistent with a legitimate site.

Threat Detection

Scam Network

Cross-site correlation

This site shares signals with a broader cluster

Moderate correlation

Many scams don't operate alone. We correlate third-party scripts, hosting infrastructure, brand-impersonation signals, and the AI evidence package to detect when a site is part of a broader scam network.

Suspicion score
0/100
ClearLowModerateHighCritical
Evidence (2)
  • Zero contact info, crypto/gambling content, and the domain is only 0 days old — hallmark of a drainer farm.
  • Domain is only 0 days old and already carries multiple network-level red flags.
Linked signals (1)
Pattern · Contactless Crypto NEW Domain

Antivirus Engines

Detection matrix · live
14 engines flagged this URL

We cross-check every URL against our antivirus network of 92 malware and blacklist engines. Each detection is listed below by engine name — even a single hit is a meaningful signal.

14Malicious0Suspicious47Harmless92Engines
0
of 92
ADMINUSLabs
Malicious· malicious
BitDefender
Malicious· phishing
ChainPatrol
Malicious· malicious
CyRadar
Malicious· phishing
Emsisoft
Malicious· phishing
Fortinet
Malicious· phishing
G-Data
Malicious· phishing
Kaspersky
Malicious· phishing
LevelBlue
Malicious· phishing
Lionic
Malicious· phishing
Netcraft
Malicious· malicious
Rising
Malicious· phishing
Sophos
Malicious· phishing
Webroot
Malicious· malicious

14 antivirus engines flagged this URL. Even a single detection is a meaningful signal — treat this site with extra caution and avoid entering credentials, payment info, or downloading any files.

Security Scans

Blacklist Check
Not flagged on major threat lists

Checked against the major public blocklists used by browsers and security tools — no hits.

Reputation Sources

How this domain rates across independent threat-intelligence and blocklist providers.

Google Safe Browsing
Not listedCheck ↗
VirusTotal
ListedCheck ↗
AbuseIPDB
Not listedCheck ↗

Scam-Type Likelihood

1 scam-type patterns detected
Scam-Type Likelihood

1 of 13 categories showed signals

We check every URL against 13 distinct scam categories so the verdict tells you not just how risky the page is, but what kind of risk it carries. Each meter pulls from page signals, web reports, our AI analyst, vision, and the scam-network cluster — not from raw AV labels.

Top match: Crypto Fraud
Crypto Fraud
Moderate likelihood
33/100
  • AI analyst tagged this as crypto fraud / wallet-drainer.
  • AI analyst categorised the site as crypto-themed.

Technical Details

Contact Verification

We fetched the page and looked for real-world contact details. Legitimate businesses almost always publish an email on their own domain, a phone number, and a postal address. Scam shops usually don't.

What We Found
No clear contact details on the page
Emails on site's domainNone
Phone numbersNone
Postal addressNot listed
Linked social profiles0
Signal Summary
Several contact red flags
  • No contact email found anywhere on the page.
  • No phone number listed on the page.
  • No postal address visible on the page.

Domain & Encryption

Domain History
Age0 days old
RegistrarHidden
RegisteredUnknown
ExpiresUnknown
Owner privacyVisible
Encryption Certificate
StatusValid
ProtocolTLSv1.3
IssuerLet's Encrypt · YR2
ExpiresSep 2, 2026 (57d)
Self-signedNo
Hosting & Technology
HostingGitHub, Inc.
Server locationUS
Web serverGitHub.com
Platform / CMSMobirise v5.9.18, mobirise.com

Redirect Chain

Hops
1
Cross-domain
No
Lookalike
No
Punycode
No
  • 1301http://etherscan-cm.github.io/
  • 2200https://etherscan-cm.github.io/

Server Reputation

Abuse Intelligence
Confidence score13%
Reports on file12
ISPGitHub, Inc.
Usage typeContent Delivery Network

Referenced Domains

Outbound domains this page links to or loads resources from. Each links to its own security scan.

What to do

Crypto scam / wallet-drainer indicators

The page shows patterns common to crypto-investment scams, fake airdrops, and wallet drainers.

  • Do not interact with etherscan-cm.github.io

    Do not enter credentials, deposit money, download files, or install browser extensions from this site.

  • Never paste your seed phrase anywhere

    Legitimate wallets, exchanges and support staff will never ask for your 12/24-word recovery phrase. Typing it into any website — even one that looks real — gives attackers full access to your funds.

  • If you already connected a wallet

    Revoke token approvals immediately using revoke.cash or Etherscan's Token Approvals tool. Move remaining funds to a fresh wallet (new seed phrase). Assume the original wallet is compromised.

  • Report the wallet and URL

    File a report at IC3 (FBI Internet Crime Complaint Center) or your country's cybercrime portal. Recovery is unlikely, but reports help law enforcement map the network.

    Open

Safer Alternatives

Trying to handle crypto? Use a safe option instead

Dealing with crypto? Use a regulated, well-established exchange rather than an unknown site — and never connect your wallet or enter a seed phrase on a page you can't verify.

Suggestions for safety only — not endorsements. Always verify the address bar before signing in or paying, even on well-known sites.

Final Verdict

0
Trust / 100
Final Verdict·etherscan-cm.github.io
DANGEROUS

This page impersonates the real Etherscan block explorer. The domain was registered today, 14 of 92 engines flag it as malicious, and it carries zero contact information.

Do not visit or interact with this page. Always type etherscan.io directly instead of clicking links.

AV engines
92
MT passes
2
Net signals
1
Scan another URL
Security review completemalwaretips.com/url-scan

Safety FAQ

Common questions about this site, answered directly from the scan data above — so the answers always reflect the latest verdict on this page.

  • Our automated security review flags etherscan-cm.github.io as dangerous. Multiple threat indicators were detected — treat the site as a scam until proven otherwise.
  • No — etherscan-cm.github.io scored 1/100 on our trust scale. We detected active threat indicators, so we recommend avoiding the site entirely.
  • Yes. etherscan-cm.github.io presents a valid TLSv1.3 certificate issued by Let's Encrypt · YR2, expiring in 57 days. Note that SSL only encrypts the connection — it does not guarantee that the site itself is trustworthy.
  • etherscan-cm.github.io is 0 days old. Scam domains are often freshly registered — a site under 6 months old warrants extra caution.
  • 14 out of 92 antivirus engines in our malware network flagged etherscan-cm.github.io as malicious or suspicious (14 outright malicious). Even one detection is a meaningful signal.
  • No. etherscan-cm.github.io is not currently listed on the major browser blocklist feeds that modern browsers use.
  • etherscan-cm.github.io resolves to an IP operated by GitHub, Inc. in US (usage type: Content Delivery Network). Hosting location alone doesn't make a site good or bad, but unusual geography for a brand's claimed country is one of many signals we weigh.
  • This is a permanent record of the scan run on July 7, 2026. The verdict and evidence above reflect that scan and do not change on their own. If circumstances around etherscan-cm.github.io have changed, MalwareTips staff can run a fresh scan, which re-runs every check from scratch and publishes an updated report.
Recently scanned

Other Dangerous reports

Browse all reports
Community review

User reviews & comments(0)

Share your experience — "Lost $200 on a fake checkout" is more useful than "Scam". Your review helps others avoid traps.

Loading…
Loading comments…
This report is generated automatically by combining threat intelligence, domain signals, and an AI security analyst. It is informational, not legal advice. Always use your own judgement before sharing personal information or money online.