jurassicbuzz.com Open in urlscan Pro
67.227.198.8 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php
Submission: On December 14 via automatic, source openphish (December 14th 2017, 9:50:52 am UTC)

Summary HTTP 12 Redirects Behaviour Indicators

Summary

This website contacted 1 IPs in 1 countries across 1 domains to perform 12 HTTP transactions. The main IP is 67.227.198.8, located in Lansing, United States and belongs to LIQUIDWEB - Liquid Web, L.L.C, US. The main domain is jurassicbuzz.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on December 4th 2017. Valid for: 3 months.

This is the only time jurassicbuzz.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Wells Fargo (Banking)

Domain & IP information

	IP Address		AS Autonomous System
12	67.227.198.8 67.227.198.8		32244 (LIQUIDWEB) (LIQUIDWEB - Liquid Web)
12	1

12 67.227.198.8 (Lansing, United States)

ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US)

jurassicbuzz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	jurassicbuzz.com jurassicbuzz.com	75 KB
12	1

	Domain	Requested by
12	jurassicbuzz.com	jurassicbuzz.com
12	1

This site contains no links.

Subject Issuer	Validity	Valid
jurassicbuzz.com cPanel, Inc. Certification Authority	`2017-12-04` - `2018-03-04`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php
Frame ID: (CAC854D58F955FAB3893F91F15471798)
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Page Statistics

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

189 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request detils.php Show response jurassicbuzz.com/wp-content/plugins/si/login/Home/	37 KB 0	391ms 126ms	Document text/html	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `a9ad480aae12804f154b9789d404e8167ea2730626f6f149dc3efc064ae5f67f` Request headers Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8 Connection keep-alive Accept-Encoding gzip, deflate Host jurassicbuzz.com Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:41 GMT Content-Encoding gzip Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-8 Cache-Control max-age=600 Connection Keep-Alive Keep-Alive timeout=2, max=150 Content-Length 7301 Expires Thu, 14 Dec 2017 10:00:41 GMT
GET H/1.1	200 OK	utag.js Show response jurassicbuzz.com/wp-content/plugins/si/login/1/tracking/toppages/	40 KB 11 KB	126ms 126ms	Script application/javascript	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/1/tracking/toppages/utag.js Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `87a4283129ce94544b6463ce7f307abd133f2458d9147a5ba0912ac136b48945` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:41 GMT Content-Encoding gzip Last-Modified Wed, 06 Sep 2017 05:13:06 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "1617bf-a0d6-5587e661f3c80-gzip" Vary Accept-Encoding,User-Agent Content-Type application/javascript Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=149 Content-Length 10859 Expires Sat, 13 Jan 2018 09:50:41 GMT
GET H/1.1	404 Not Found	redirectionMobile.js jurassicbuzz.com/wp-content/plugins/si/login/Home/js/	0 0	425ms 176ms	Script text/html	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/Home/js/redirectionMobile.js Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept / Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Pragma no-cache Date Thu, 14 Dec 2017 09:50:41 GMT Content-Encoding gzip Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 Vary Accept-Encoding,User-Agent Content-Type text/html; charset=UTF-7 Cache-Control no-cache, must-revalidate, max-age=0 Connection Keep-Alive Link <https://jurassicbuzz.com/wp-json/>; rel="https://api.w.org/" Content-Length 244 Keep-Alive timeout=2, max=150 Expires Wed, 11 Jan 1984 05:00:00 GMT
GET H/1.1	200 OK	homepage.css jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/	63 KB 16 KB	283ms 157ms	Stylesheet text/css	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `565263d801f4fd62e36c1808df02ba171fc66b25e10392a53bc7f2f996436097` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept text/css,/;q=0.1 Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:41 GMT Content-Encoding gzip Last-Modified Wed, 06 Sep 2017 05:13:06 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "16182a-fce9-5587e661f3c80-gzip" Vary Accept-Encoding,User-Agent Content-Type text/css Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=148 Content-Length 16215 Expires Sat, 13 Jan 2018 09:50:41 GMT
GET H/1.1	200 OK	wf-logo.gif jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/global/	4 KB 4 KB	183ms 182ms	Image image/gif	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/global/wf-logo.gif Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:41 GMT Last-Modified Wed, 06 Sep 2017 05:13:08 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "161827-e86-5587e663dc100" Content-Type image/gif Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=147 Content-Length 3718 Expires Sat, 13 Jan 2018 09:50:41 GMT
GET H/1.1	200 OK	homepage-footer-stagecoach.png jurassicbuzz.com/wp-content/plugins/si/login/Home/First-page/	4 KB 4 KB	152ms 151ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/Home/First-page/homepage-footer-stagecoach.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:12 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "161879-113b-5587e667aca00" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=149 Content-Length 4411 Expires Sat, 13 Jan 2018 09:50:42 GMT
GET H/1.1	200 OK	icon-equal-housing.png jurassicbuzz.com/wp-content/plugins/si/login/Home/First-page/	282 B 282 B	141ms 141ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/Home/First-page/icon-equal-housing.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:10 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "161888-11a-5587e665c4580" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=150 Content-Length 282 Expires Sat, 13 Jan 2018 09:50:42 GMT
GET H/1.1	200 OK	icon-trust-mark.png jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/	16 KB 16 KB	277ms 137ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/icon-trust-mark.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `744a93a5401ee4297024c6bf15e830ed4b6da4d91b39bff5853cff41db4377d5` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:06 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "161803-3e36-5587e661f3c80" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=149 Content-Length 15926 Expires Sat, 13 Jan 2018 09:50:42 GMT
GET H/1.1	200 OK	sprite-homepage.png jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/	22 KB 22 KB	287ms 138ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/sprite-homepage.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `297662a85dae4b1360d8a87cf7cfa04bf36608c0d290c2ece76fdd35da059b0a` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:06 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "1617cc-5660-5587e661f3c80" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=148 Content-Length 22112 Expires Sat, 13 Jan 2018 09:50:42 GMT
GET H/1.1	200 OK	btn-icon-search.png jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/	1 KB 1 KB	336ms 138ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/btn-icon-search.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `da38fd7d6d2e1425dc8fecba13e64cd220d4f34d7c7d3ae76f9916d3b489b5d2` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:08 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "1617e0-50f-5587e663dc100" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=145 Content-Length 1295 Expires Sat, 13 Jan 2018 09:50:42 GMT
GET H/1.1	200 OK	bg-fat-nav.png jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/	584 B 584 B	241ms 133ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/bg-fat-nav.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `cde3c7723f8f101df28d59fc04cd49966eba933bc7ff600ad0fb1bda9dcec454` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:08 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "1617da-248-5587e663dc100" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=150 Content-Length 584 Expires Sat, 13 Jan 2018 09:50:42 GMT
GET H/1.1	200 OK	bg-footer.png jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/	1 KB 1 KB	164ms 163ms	Image image/png	67.227.198.8 Liquid Web
General Check archive.org Show headers Download Go to Show image Full URL https://jurassicbuzz.com/wp-content/plugins/si/login/3/assets/images/css/template/bg-footer.png Requested by Host: jurassicbuzz.com URL: https://jurassicbuzz.com/wp-content/plugins/si/login/Home/detils.php Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 67.227.198.8 Lansing, United States, ASN32244 (LIQUIDWEB - Liquid Web, L.L.C, US), Reverse DNS Software Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 / Resource Hash `1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d` Request headers Pragma no-cache Accept-Encoding gzip, deflate Host jurassicbuzz.com User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Accept image/webp,image/apng,image/,/;q=0.8 Referer* https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css Cookie utag_main=v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session Connection keep-alive Cache-Control no-cache Referer https://jurassicbuzz.com/wp-content/plugins/si/login/3/css/home/homepage.css User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36 Response headers Date Thu, 14 Dec 2017 09:50:42 GMT Last-Modified Wed, 06 Sep 2017 05:13:08 GMT Server Apache/2.4.29 (cPanel) OpenSSL/1.0.2m mod_bwlimited/1.4 ETag "1617db-583-5587e663dc100" Content-Type image/png Cache-Control max-age=2592000 Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=2, max=146 Content-Length 1411 Expires Sat, 13 Jan 2018 09:50:42 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Wells Fargo (Banking)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.jurassicbuzz.com/	1970-01-18 21:06:21	Name: utag_main Value: v_id:0160546ee478001948bcda3ff1f700079004407100b08$_sn:1$_ss:1$_st:1513246841786$ses_id:1513245041786%3Bexp-session$_pn:1%3Bexp-session

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

jurassicbuzz.com
67.227.198.8
1ed889a15705bc76729d29d715c64f3d7f35de2ea519e1d2704924cf40d9e30d
297662a85dae4b1360d8a87cf7cfa04bf36608c0d290c2ece76fdd35da059b0a
31ebc1799692cf80984ded81abc89d9e1540bc1e258770f5a24ad4386a48d3bc
565263d801f4fd62e36c1808df02ba171fc66b25e10392a53bc7f2f996436097
5ba349d4d93dc2748ecdd74459d33d57328b0df69bf29c94117897bff43f6889
744a93a5401ee4297024c6bf15e830ed4b6da4d91b39bff5853cff41db4377d5
87a4283129ce94544b6463ce7f307abd133f2458d9147a5ba0912ac136b48945
a9ad480aae12804f154b9789d404e8167ea2730626f6f149dc3efc064ae5f67f
cde3c7723f8f101df28d59fc04cd49966eba933bc7ff600ad0fb1bda9dcec454
da38fd7d6d2e1425dc8fecba13e64cd220d4f34d7c7d3ae76f9916d3b489b5d2
edc5ee3b590dae17b0eb19063c34680c15ee144d13583d006e6a7976b69cd2db

jurassicbuzz.com Open in urlscan Pro 67.227.198.8 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

12 Requests

100 %HTTPS

0 %IPv6

1 Domains

1 Subdomains

1 IPs

1 Countries

75 kBTransfer

189 kBSize

1 Cookies

0 Outgoing links

Redirected requests

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

10 JavaScript Global Variables

1 Cookies

Indicators

jurassicbuzz.com Open in urlscan Pro
67.227.198.8 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

12
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

1
IPs

1
Countries

75 kB
Transfer

189 kB
Size

1
Cookies

12 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!