developed.nswoodworks.buzz
Open in
urlscan Pro
2606:4700:3033::6818:6797
Malicious Activity!
Public Scan
Effective URL: https://developed.nswoodworks.buzz/yd?mn=Z31wlW5oamKclX12wZyWaIh7YKCDomZjamKjY31y/ulrich.zuehlke%40koeln.de
Submission: On September 17 via automatic, source openphish
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 24th 2020. Valid for: a year.
This is the only time developed.nswoodworks.buzz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Amazon (Online) Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 2606:4700:303... 2606:4700:3037::681b:bd6f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
18 | 2606:4700:303... 2606:4700:3033::6818:6797 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6811:4e6b | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2606:4700::68... 2606:4700::6812:13b7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:819::200a | 15169 (GOOGLE) (GOOGLE) | |
3 | 2a00:1450:400... 2a00:1450:4001:81d::2003 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700:20:... 2606:4700:20::681a:164 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4860:480... 2001:4860:4802:38::15 | 15169 (GOOGLE) (GOOGLE) | |
29 | 7 |
ASN13335 (CLOUDFLARENET, US)
developed.nswoodworks.buzz |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
nswoodworks.buzz
developed.nswoodworks.buzz |
420 KB |
5 |
wonderpush.com
cdn.by.wonderpush.com measurements-api.wonderpush.com |
100 KB |
3 |
gstatic.com
fonts.gstatic.com |
27 KB |
2 |
frdavidjones.com
2 redirects
trk-log.frdavidjones.com |
1 KB |
1 |
geojs.io
get.geojs.io |
829 B |
1 |
googleapis.com
fonts.googleapis.com |
1 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com |
5 KB |
29 | 7 |
Domain | Requested by | |
---|---|---|
18 | developed.nswoodworks.buzz |
developed.nswoodworks.buzz
|
4 | cdn.by.wonderpush.com |
developed.nswoodworks.buzz
cdn.by.wonderpush.com |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
2 | trk-log.frdavidjones.com | 2 redirects |
1 | measurements-api.wonderpush.com |
cdn.by.wonderpush.com
|
1 | get.geojs.io |
cdn.by.wonderpush.com
|
1 | fonts.googleapis.com |
developed.nswoodworks.buzz
|
1 | cdnjs.cloudflare.com |
developed.nswoodworks.buzz
|
29 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
mtp.identityproofs.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-24 - 2021-08-24 |
a year | crt.sh |
cdnjs.cloudflare.com DigiCert ECC Secure Server CA |
2020-08-12 - 2022-08-17 |
2 years | crt.sh |
by.wonderpush.com Let's Encrypt Authority X3 |
2020-08-10 - 2020-11-08 |
3 months | crt.sh |
upload.video.google.com GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2020-08-26 - 2020-11-18 |
3 months | crt.sh |
measurements-api.wonderpush.com GTS CA 1D2 |
2020-08-31 - 2020-11-29 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://developed.nswoodworks.buzz/yd?mn=Z31wlW5oamKclX12wZyWaIh7YKCDomZjamKjY31y/ulrich.zuehlke%40koeln.de
Frame ID: 639C608AB268484255246B5324B547B3
Requests: 29 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://trk-log.frdavidjones.com/ga/click/2-2005043-71-3218-6321-6432-000856d38e-9af7a6fe1e
HTTP 301
https://trk-log.frdavidjones.com/ga/click/2-2005043-71-3218-6321-6432-000856d38e-9af7a6fe1e HTTP 302
https://developed.nswoodworks.buzz/yd?mn=Z31wlW5oamKclX12wZyWaIh7YKCDomZjamKjY31y/ulrich.zuehlke%40koeln.de Page URL
Detected technologies
CloudFlare (CDN) ExpandDetected patterns
- headers server /^cloudflare$/i
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: Samsung S20 Plus Only 2 left in stock Ships from and sold by Samsung £ 1 £999Delivery will take 5 days Learn More DeletSave for laterProceed To Checkout
Search URL Search Domain Scan URL
Title: Apple iPhone 11 Only 1 left in stock Ships from and sold by Apple £ 1 £ 879Delivery will take 5 days Learn More DeletSave for laterProceed To Checkout
Search URL Search Domain Scan URL
Title: Samsung 4K Smart TV, 65" Only 1 left in stock Ships from and sold by Apple £ 2 £ 997Delivery will take 5 days Learn More DeletSave for laterProceed To Checkout
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://trk-log.frdavidjones.com/ga/click/2-2005043-71-3218-6321-6432-000856d38e-9af7a6fe1e
HTTP 301
https://trk-log.frdavidjones.com/ga/click/2-2005043-71-3218-6321-6432-000856d38e-9af7a6fe1e HTTP 302
https://developed.nswoodworks.buzz/yd?mn=Z31wlW5oamKclX12wZyWaIh7YKCDomZjamKjY31y/ulrich.zuehlke%40koeln.de Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
yd
developed.nswoodworks.buzz/ Redirect Chain
|
21 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.5.0/css/ |
27 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
118 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custome.css
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
45 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
85 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
36 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wonderpush-loader.min.js
cdn.by.wonderpush.com/sdk/1.1/ |
881 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo3.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
packingbox.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
99 KB 99 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tickpic.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s20.jpg
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
37 KB 38 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qnt.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
11.jpg
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
30 KB 30 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tv.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
102 KB 102 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socialicon.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
grantee_imag.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
17 KB 17 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signs.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lock.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
571 B 701 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ssl.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
6 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo2.png
developed.nswoodworks.buzz/allcustomfiles/UK-amazon-multi-SEP-2020/ |
21 KB 21 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
26 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wonderpush.min.js
cdn.by.wonderpush.com/sdk/1.1.25.8/ |
404 KB 96 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
41d403593c0b49d57f632b281192a2cc78b1d2de15f2c5576bbb2af96cbee7e0
cdn.by.wonderpush.com/config/webkeys/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geojs.js
cdn.by.wonderpush.com/plugins/geojs/1.0.2/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
geo.json
get.geojs.io/v1/ip/ |
363 B 829 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
events
measurements-api.wonderpush.com/v1/ |
21 B 206 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Amazon (Online) Generic Scam (Online)20 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| trustedTypes function| $ function| jQuery object| WonderPush function| chkvali function| partstep function| toSimpleJson function| startTimer object| d number| minutes string| hours string| ampm object| months object| days undefined| o undefined| two undefined| three undefined| four undefined| five number| srt1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.nswoodworks.buzz/ | Name: __cfduid Value: d907fc24e771190bd52097e2d68609b4c1600306391 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.by.wonderpush.com
cdnjs.cloudflare.com
developed.nswoodworks.buzz
fonts.googleapis.com
fonts.gstatic.com
get.geojs.io
measurements-api.wonderpush.com
trk-log.frdavidjones.com
2001:4860:4802:38::15
2606:4700:20::681a:164
2606:4700:3033::6818:6797
2606:4700:3037::681b:bd6f
2606:4700::6811:4e6b
2606:4700::6812:13b7
2a00:1450:4001:819::200a
2a00:1450:4001:81d::2003
015728d971f379a474200ed9580bff8eaa4415b2e7e1d887e50af2a59b152916
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
1e98a84d201a5ce748c59f64fe3b5341601b863b3fff7d63a045aa6f655edf08
242499632cf240c6e265d33409ed41416a717df90254910b713376e5d5b631b8
3302335108b2863a71ce68a1567cbcbc51a1edb3a6cbb3c056348d087a558850
3f2f0c972b4321108863fdab278c5857664651fcfb95dcdb297268560ae0574b
436eb63bd65b02ea9f6f5aac0d98ac6e8948d027fd5c40b53b8ccba52fc528b7
4b48969d61be48112a007c961b0e76b02cd22d5dda86db14120f13c71a35c9ec
51efc99683bf2e99e715813d73d2e4d1e66887869bd6636d7b9c5edcec04c27a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
6654fb4826da62311efa94d34b800106d478bd077f046050989d77de36b0adac
6af479992ad8981e0aad3a93e2230d8e573f7e2096d4ded8dc4a0dbf4a72428b
7f49be23c64193b4c30b829b8ba61855ba97175c9c95ea7c1bc565c9591185b4
7fa2785852d54f7af66fbd8ea3965e41588f3434bb93a1205dc5d41044fcd06a
81afd6045b28099677e163f0df5b439bd9a3e3dc108e43f06b4bbd46437af0d2
841f5a88af438e31ee4133ccd0aa726a1b418048cf7e50a6871819374714db2e
90ecfbee19b034e584218f267c694e210cee162a424ec2b684bf5a5a51e56c70
910b702695e4a005e4a458ed75917ae0fbe816679401f37a07f4d8e96aff3e09
92270ecd9b9cbb44622809715e9e862132731dca255313296ccb10f100fe2d0d
a28ccf8a7b50522bdeea0cd83cdeca221c18fc1f9df3ee6b3d3c48d599206855
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
adb3df06bc15b3c7f0eaba62d5a58b424678e6b9066984fe3995d1677cc0d59f
b877ef66eabd2dd21768d59e2ac26f9c4f48e0ed602e27cbd4d53c0701c7d515
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5
ef2dd1a863266a66724cc98aaf544e7544ad005873447d2a9a4aa742658ca618
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
fd2dda7485a9fef032f36694a1168141fbd485f1704eabca64e4a02d3ae14c9a