webplatform.buzz
2606:4700:3031::6815:912  Malicious Activity! Public Scan

URL: https://webplatform.buzz/SSQ
Submission: On November 07 via api from US — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 2606:4700:3031::6815:912, located in United States and belongs to CLOUDFLARENET, US. The main domain is webplatform.buzz.
TLS certificate: Issued by WE1 on October 26th 2024. Valid for: 3 months.
This is the only time webplatform.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: SberBank (Banking)

Domain & IP information

Requests  IP Address         AS (Autonomous System)
14        2606:4700:303...   13335 (CLOUDFLAR...)
4         202.168.102.27     10122 (NETSTAR-A...)
1         104.166.188.188    21859 (ZEN-ECN)
Total: 19 requests, 4 IPs

Requests  Apex Domain        Subdomains                                       Transfer
14        webplatform.buzz   webplatform.buzz                                 708 KB
5         imotech.video      api.imotech.video (Cisco Umbrella Rank: 71219)   22 KB
Total: 19 requests, 2 apex domains

Requests  Domain              Requested by
14        webplatform.buzz    webplatform.buzz
5         api.imotech.video   webplatform.buzz, api.imotech.video
Total: 19 requests, 2 domains

This site contains no links.

Subject            Issuer                               Validity                  Valid for
webplatform.buzz   WE1                                  2024-10-26 - 2025-01-24   3 months
*.imotech.video    GlobalSign GCC R6 AlphaSSL CA 2023   2024-06-03 - 2025-07-05   a year

This page contains 2 frames:

Primary Page: https://webplatform.buzz/SSQ
Frame ID: 133A0263EA98017EE9AABE13548A5CBD
Requests: 19 HTTP requests in this frame

Frame: https://api.imotech.video/ad/pixelfile.html
Frame ID: 33D9EE92AF7F2CE15927A0047ED9B3F3
Requests: 1 HTTP requests in this frame


Page Title

Get access to an income of 92,000 rubles or more on the platform from (original: Получите доступ к доходу от 92 000 рублей на платформе от)

Page Statistics

Requests: 19
HTTPS: 100 %
IPv6: 33 %
Domains: 2
Subdomains: 2
IPs: 4
Countries: 2
Transfer: 730 kB
Size: 1600 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Each entry below lists Resource | Path | Size | x-fer (bytes transferred) | Type, followed by its General, Request headers and Response headers details.

Resource: SSQ (Primary Request) | Path: webplatform.buzz/ | Size: 226 KB | x-fer: 130 KB | Type: Document
General
Full URL
https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
392edc1bab5e4efa39865ce86a89442f8a167d8ef1e44ab8421ef5972243c5c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8deb83fc4cbfe3f6-OTP
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Thu, 07 Nov 2024 07:12:32 GMT
expires
Thu, 07 Nov 2024 07:12:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4J%2FzeDW2xPfLNugz8J8SOT7UutHRWLb4fAw1NqDRUYlpUbMFySmNcCXzYhQdOzZ%2FRqhLTKRnn1sMLj8KjoGSI1w6fgQrYcH5imcnOn04JUg74itPghId1tJxfn%2Bg9fPHId%2F%2BkJoD2g9wRGFJR7wO"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=65229&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3996&recv_bytes=2388&delivery_rate=56430&cwnd=35&unsent_bytes=0&cid=7d7b6a5a9622016f&ts=298&x=0"
vary
Accept-Encoding
Resource: bg_180.png | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/images/ | Size: 238 KB | x-fer: 239 KB | Type: Image
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/images/bg_180.png
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e0c93ff9ff4c5837e632e0be3840d7bb6692d64851df3768d62000896680976

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

cf-cache-status
HIT
etag
"672a1249-3b909"
age
59991
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aDKnGZdOTnGa8t4mdHM9FaqSf5Z5n1ZCOPPZpT1tCQpAhPBz17N66iOyRWO18%2BSQY0LvrDO%2FJlSclWnbtNQJOgP147QpqzWjVpB6gLFVA9bm6CbL54GNROAkyoWnWR3SztA2jgdhGIedgGDkNSSR"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:32:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=65074&sent=37&recv=14&lost=0&retrans=0&sent_bytes=36857&recv_bytes=2962&delivery_rate=56430&cwnd=37&unsent_bytes=0&cid=7d7b6a5a9622016f&ts=393&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
image/png
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83fe2e6fe3f6-OTP
accept-ranges
bytes
access-control-allow-origin
*
content-length
243977
server
cloudflare
Resource: 1a51d04b48ae2e7e.css | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/css/ | Size: 36 KB | x-fer: 8 KB | Type: Stylesheet
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/css/1a51d04b48ae2e7e.css
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
99c03797d12d32a99ac90a9c83d7f223d7adc1f0d6b5fcf01826d1b2c52aae38

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-8f23"
age
59992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fulk1rKmMQgbM5aX0Cmz7d1HyjsTdczt0OpXXz0YA2oTNq2V4GZ3LabFvust0YBdpDFkIXgPZu2b4UnEiIWYIr69eMMQuegL9DXrJbjJGjxu3curc7QpWWrx%2FvgrGs3F712RmyqOKguY4MwLpZ%2BW"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:32:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=65074&sent=44&recv=14&lost=0&retrans=0&sent_bytes=45182&recv_bytes=2962&delivery_rate=56430&cwnd=37&unsent_bytes=24643&cid=7d7b6a5a9622016f&ts=397&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
text/css
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83fe3e7ae3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: webpack-b82cc81a783008b5.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 3 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/webpack-b82cc81a783008b5.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c80f537c406044d22d7d57820b23c5645d823b75012d3493fbda129f8d159184

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"672a1249-de6"
age
59992
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U9mpk2LEjCXJmyVh1fHem2vwdMDGu08XK%2BM2vwIaHmndaS7A%2BjE%2FJTGqjcozbKCghfJC74lE1YzDhMpGjynMnfN31hYNCsFwKNLPs4OJgRrsLkkM6MnBU609wiiFiw6rx0FiX1TuKHmNENQGqyFk"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:32:41 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64070&sent=206&recv=71&lost=0&retrans=0&sent_bytes=255296&recv_bytes=4176&delivery_rate=979877&cwnd=117&unsent_bytes=10376&cid=7d7b6a5a9622016f&ts=539&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f1ae3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 67cfe1a8-2fc55acb4a00f961.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 169 KB | x-fer: 53 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/67cfe1a8-2fc55acb4a00f961.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
408fa4202fb7215854b8df73fdf975ab2f598f54b2c0f7a04b9e8a11772e2e44

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-2a31f"
age
6993
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iKFifpgKhuDVe83POq3hjwHD1zoCnsGydviigiGJygjaV%2B1o%2FUMRLYfe4PzXWF0D4HPBmtFboMSwMGcM6xNg6Rat3DHGgYFPh6X%2FEsWUR0vCFh2cOH8u9%2B1L%2BcYl9JCKL8NvGkXBLtSbOlSQA77g"}],"group":"cf-nel","max_age":604800}
expires
Sun, 17 Nov 2024 05:16:00 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=63918&sent=230&recv=80&lost=0&retrans=0&sent_bytes=286424&recv_bytes=4176&delivery_rate=1027874&cwnd=135&unsent_bytes=36316&cid=7d7b6a5a9622016f&ts=550&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f1be3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 221-89baa616a8f4e3e1.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 121 KB | x-fer: 31 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/221-89baa616a8f4e3e1.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d337a8dd4c9965b9e18b0ed60d86565a6be0ca72580aee934e1d6f4d979c3bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-1e28f"
age
59251
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KiqoCKm38W8vgDeQNztgdtfqjXBvldL4wiO%2BzsP2buvgFTY0sj4q19MMSz%2BehBd8mxkrr4ntAo6g90vT59MYH5j2dUoDpYAU2riBRm5eTl%2FuZeUA1QaDP5d%2B5cFEM2WhAwFwp%2FLY31JH4WMag5Ao"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:45:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64045&sent=206&recv=72&lost=0&retrans=0&sent_bytes=255296&recv_bytes=4176&delivery_rate=999129&cwnd=119&unsent_bytes=10376&cid=7d7b6a5a9622016f&ts=540&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f1de3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: main-app-789985ef8480450d.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 463 B | x-fer: 726 B | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/main-app-789985ef8480450d.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
686a2efd3acf18539e665c6d82e8ed4561c0ffa11e854b738d0c97295abc8d1a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"672a1249-1cf"
age
59251
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sNNSTh6qqndPj4Ix59%2BJc1wkvwgZOQkYaNrt%2BxbDhMBNp5QTTAgWc5vGZ20iTcC9KHsZGkfW%2FeAdNOuhlCZcyRb%2BAzFlFbPCzCWDEnIH99wLNMMliGyo97rjo1mFaMtRjWJTGiZmfHy84%2F79bfvq"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:45:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64012&sent=210&recv=73&lost=0&retrans=0&sent_bytes=260484&recv_bytes=4176&delivery_rate=1018381&cwnd=121&unsent_bytes=62256&cid=7d7b6a5a9622016f&ts=542&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f1fe3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 3723546d-cf7ac19b252cd23a.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 693 B | x-fer: 953 B | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/3723546d-cf7ac19b252cd23a.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9fcaa637ae5fbbebb862692b83eefadf49e29f74dd90ae6f2d160604dd2cfe06

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"672a1249-2b5"
age
59251
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ZEXwGlxRKIQxu1W8z9KY34LfG%2FnByGBCN%2FprLAxBxKV7Gwml7FAF219QXfbBuHrwuZYvTrvGhcK0IgrlVhpGyZk4%2BGnuEO0tjBfCwFDGhDqcpJxrRk0EortLr7yGW7bUfnhMAw%2BDEvyr6tpxoKW"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:45:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64012&sent=210&recv=73&lost=0&retrans=0&sent_bytes=260484&recv_bytes=4176&delivery_rate=1018381&cwnd=121&unsent_bytes=62256&cid=7d7b6a5a9622016f&ts=541&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f21e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 394-a0764dc538c9e769.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 45 KB | x-fer: 14 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/394-a0764dc538c9e769.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ae9c4d16eb4e31b0985c5425cc1e84e259d96a1baa0d117c665227c95eee4c88

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-b22b"
age
59250
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GeEmsPlUedH7vIROTmdhk4yu1L1SRWXYWpiQZFtEc3sm20dlGXcNWPV3X%2BphnR0oEbFHt62XGRqgDkC%2FsdyXswqH%2BdpgP97GwpzmtMoTKfdrx%2BXgtFjJSlrRbV6SkRrKPS9GXPRgwqW%2BqAR6aJX%2F"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:45:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64012&sent=212&recv=73&lost=0&retrans=0&sent_bytes=263078&recv_bytes=4176&delivery_rate=1018381&cwnd=121&unsent_bytes=59662&cid=7d7b6a5a9622016f&ts=542&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f22e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 466-573f668dbff00d7d.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 407 KB | x-fer: 112 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/466-573f668dbff00d7d.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01edb16f9542c1d539b3a907596b9e011bb88bf4e3b2bce5887b6a4cb6dd73f9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-65aa5"
age
59250
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7eHfOKnJh4P5ARQDQ6BL4DEr5A3irpKV44zX1mDsllNYPlQoXOVGtnqPB%2Ff5UsSi7L5aZOhaVGa5%2BQzHvp%2FjLJVSGGomYKkk7iC0jEVAg%2BTQzmf%2Fe%2FM8nn4jpeQ8ocb4tuLOl1YOCNyhqNyC%2B53b"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:45:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64032&sent=212&recv=74&lost=0&retrans=0&sent_bytes=263078&recv_bytes=4176&delivery_rate=973372&cwnd=123&unsent_bytes=59662&cid=7d7b6a5a9622016f&ts=542&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f23e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 86-42c5b9d59b45d324.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 20 KB | x-fer: 8 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/86-42c5b9d59b45d324.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aead8b44de6b3bbe49836f1047541c53687cd08e204ac06aca8a5c038bfcf95f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-4ff6"
age
58591
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bxV76RfR%2Fy%2Buwobzb5K3do%2FpcGWmaGdeDcTJCpVIidvBfV%2FT71L6YV1bgjMZLk72pBNNEeRyOADyppwnkwddwKLslhflEXb5l1Sun9vNFuBIkGqPZ2GOXlDayW%2Fn59rQEruz9GW3C%2F48SkUm9miS"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:56:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=63998&sent=214&recv=75&lost=0&retrans=0&sent_bytes=265672&recv_bytes=4176&delivery_rate=972826&cwnd=125&unsent_bytes=57068&cid=7d7b6a5a9622016f&ts=543&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f24e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: page-71e94b0534cc14df.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/app/ | Size: 159 KB | x-fer: 104 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/app/page-71e94b0534cc14df.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4058c13ad64355d07a53a55cf28e259115c2240fdbe5e2d7f425b051ea26f39d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-27a16"
age
58591
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FetrjwRUV4Qo%2BXFJIQsP0%2FdyIjs7hxsrmQqqQsa2SFbD34a1QqEqmJPoLRcs9xcedJmu4v9klgAUp9mpPHZzvhXX6zLmWs2%2FVMKpZYl8%2Fo0TWaQlDaZs6QL9LaIP4Je7KCE5OwHkjfF7Cal%2Br825"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:56:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=63998&sent=216&recv=75&lost=0&retrans=0&sent_bytes=268266&recv_bytes=4176&delivery_rate=972826&cwnd=125&unsent_bytes=54474&cid=7d7b6a5a9622016f&ts=544&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f26e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: 635-5f2cab273f5e0921.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/ | Size: 7 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/635-5f2cab273f5e0921.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
053dce4170a3cfb99f0740049f5870f5831b8c4435c86bc9fde32b8d2cdd0e39

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
W/"672a1249-1bb9"
age
58591
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3x8wL42ni%2BMhsnxWoir7ktiZNUmmmhqGDuCsBEal1Efb0DQq3XIpAMyuhnMhKDdBTyYTW3rB9tsxuMmsqcWm%2FqrR68rcFMvVb%2F%2FYfgvKUV7KYk8ApZpnph6lOKlSfYgHqCH356oEsYZl8rDarwen"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:56:02 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=63998&sent=216&recv=75&lost=0&retrans=0&sent_bytes=268266&recv_bytes=4176&delivery_rate=972826&cwnd=125&unsent_bytes=54474&cid=7d7b6a5a9622016f&ts=544&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff2f28e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: layout-4487e13d8944ad03.js | Path: webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/app/ | Size: 4 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://webplatform.buzz/lander/sber-180-with-agreement----sberq-v2-klmt-/_next/static/chunks/app/layout-4487e13d8944ad03.js
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:912 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cffecd29de59e09d8cdbb3d63b876434a071fa4f8094a9a9a2a9fbb0b4670f3f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/SSQ

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"672a1249-ed5"
age
58590
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ex9ZAyiX2wgjl21hJEkaMRegSUfVt%2FCI8oA6yTz3apv1Rv3mjt2wV%2FleO%2Bolss94mLPnY7N1UekqutE8cje33q70IGNs60U6V7VT4CtOnMGFOvvPqXh3JBF2ck0XFd8lZFxUZ2uM5p55Kmgdnlud"}],"group":"cf-nel","max_age":604800}
expires
Sat, 16 Nov 2024 14:56:03 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=64437&sent=399&recv=121&lost=0&retrans=0&sent_bytes=505617&recv_bytes=4300&delivery_rate=1954891&cwnd=216&unsent_bytes=49286&cid=7d7b6a5a9622016f&ts=604&x=0"
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript
last-modified
Tue, 05 Nov 2024 12:40:41 GMT
vary
Accept-Encoding
cache-control
max-age=864000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8deb83ff8f66e3f6-OTP
access-control-allow-origin
*
server
cloudflare
Resource: truncated (inline data: URL) | Path: / | Size: 103 KB | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
99ca24887d2b1c9e2fc220bd201d4565210aeccff8b0ae279b995de5ed0e97d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/png
Resource: events.js | Path: api.imotech.video/ad/ | Size: 62 KB | x-fer: 21 KB | Type: Script
General
Full URL
https://api.imotech.video/ad/events.js?pixel_id=null
Requested by
Host: webplatform.buzz
URL: https://webplatform.buzz/SSQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.168.102.27 Amsterdam, Netherlands, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
4de1f50340d63966ec43c7198fc65cdd55599bd931f571c07b8b6424b1c05136

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/

Response headers

cache-control
private, max-age=900
content-encoding
gzip
bigotraceresponse
00-28be43a29de531702ae3a790205eabd2-0-00
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
21593
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/javascript;charset=utf-8
server
openresty
Resource: trackingview | Path: api.imotech.video/bigoad/ | Size: 104 B | x-fer: 241 B | Type: Ping
General
Full URL
https://api.imotech.video/bigoad/trackingview?extra=%7B%22action%22%3A%22no_dsp_config%22%2C%22pixel_id%22%3A%22%22%2C%22wst%22%3A447%2C%22drt%22%3A725%2C%22tdt%22%3A909%2C%22lgt%22%3A1205%7D&pixel_id=log_pixel_id
Requested by
Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.168.102.27 Amsterdam, Netherlands, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
45c11446f7a40d2704e42ee14e18b7c3f757c9c4d7148b8bf0c67f484d806e4f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/

Response headers

bigotraceresponse
00-37dcd3c758289efba504b2ec87774200-0-00
alt-svc
h3=":443"; ma=86400
content-length
104
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/json
server
openresty
Resource: trackingview | Path: api.imotech.video/bigoad/ | Size: 104 B | x-fer: 242 B | Type: Ping
General
Full URL
https://api.imotech.video/bigoad/trackingview?extra=%7B%22action%22%3A%22log_iframe_bbg%22%2C%22pixel_id%22%3A%22%22%2C%22wst%22%3A447%2C%22drt%22%3A725%2C%22tdt%22%3A909%2C%22lgt%22%3A1207%7D&pixel_id=log_pixel_id
Requested by
Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.168.102.27 Amsterdam, Netherlands, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
02783eeb754ecf8558090fcb333b86bbc4679b4596d11fb61499afe95de5fda4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/

Response headers

bigotraceresponse
00-1699df26d2166b8d7b6f01461ac687d6-0-00
alt-svc
h3=":443"; ma=86400
content-length
104
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/json
server
openresty
Resource: pixelfile.html | Path: api.imotech.video/ad/ (Frame 33D9) | Size: 0 | x-fer: 0 | Type: Document
General
Full URL
https://api.imotech.video/ad/pixelfile.html
Requested by
Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.166.188.188 Amsterdam, Netherlands, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
openresty /
Resource Hash

Request headers

Referer
https://webplatform.buzz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
bigotraceresponse
00-2c9624c7e95e7ff79787ff5dd7d525cd-0-00
content-encoding
gzip
content-type
text/html;charset=utf-8
date
Thu, 07 Nov 2024 07:12:33 GMT
server
openresty
Resource: trackingview | Path: api.imotech.video/bigoad/ | Size: 104 B | x-fer: 240 B | Type: Ping
General
Full URL
https://api.imotech.video/bigoad/trackingview?extra=%7B%22action%22%3A%22log_no_bbg%22%2C%22pixel_id%22%3A%22%22%2C%22wst%22%3A447%2C%22drt%22%3A725%2C%22tdt%22%3A909%2C%22lgt%22%3A1468%7D&pixel_id=log_pixel_id
Requested by
Host: api.imotech.video
URL: https://api.imotech.video/ad/events.js?pixel_id=null
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
202.168.102.27 Amsterdam, Netherlands, ASN10122 (NETSTAR-AS-AP NETSTAR SG PTE. LTD., SG),
Reverse DNS
Software
openresty /
Resource Hash
f07667fa63c5a0cdbae096811caec8619f7a8113e70e8477f20e7af4c1482670

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://webplatform.buzz/

Response headers

bigotraceresponse
00-2bc1edd39ee67adac2adce1aac92773e-0-00
alt-svc
h3=":443"; ma=86400
content-length
104
date
Thu, 07 Nov 2024 07:12:33 GMT
content-type
application/json
server
openresty

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: SberBank (Banking)

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type      Name
object    __next_f
object    webpackChunk_N_E
object    next
function  bge
function  bge_ec_register
object    bgdataLayer
function  onSendLead
object    $$baseConfig
object    $$requestStack
object    $$bgeConfigs
boolean   $$finishCheckBBG

4 Cookies

Domain/Path         Name      Value
webplatform.buzz/   _subid    2b5nook23i16
webplatform.buzz/   22272     eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjczXCI6MTczMDk2MzU1Mn0sXCJjYW1wYWlnbnNcIjp7XCIyMlwiOjE3MzA5NjM1NTJ9LFwidGltZVwiOjE3MzA5NjM1NTJ9In0.iJwUKUJKyiAzC0mO0hCDfALC-4Pa-y70mkAZVc5WtK0
webplatform.buzz/   _token    uuid_2b5nook23i16_2b5nook23i16672c6860d59e75.36018241
webplatform.buzz/   _bge_ci   BA1.1.182849153.1730963554

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.imotech.video
webplatform.buzz
104.166.188.188
202.168.102.27
2606:4700:3031::6815:912