buffalotrustonline.com
Open in
urlscan Pro
31.220.90.51
Public Scan
URL:
https://buffalotrustonline.com/css/owl.video.play.html
Submission Tags: @ecarlesi threat #phishing Search All
Submission: On November 02 via api from SG — Scanned from SG
Submission Tags: @ecarlesi threat #phishing Search All
Submission: On November 02 via api from SG — Scanned from SG
Summary
This website contacted 3 IPs
in 2 countries
across 2 domains to perform 12 HTTP transactions.
The main IP is 31.220.90.51, located in
Düsseldorf, Germany and
belongs to CONTABO, DE.
The main domain is buffalotrustonline.com.
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.
This is the only time buffalotrustonline.com was scanned on urlscan.io!
TLS certificate: Issued by R3 on November 1st 2023. Valid for: 3 months.
This is the only time buffalotrustonline.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 1 | 31.220.90.51 31.220.90.51 | 51167 (CONTABO) (CONTABO) | |
| 10 | 104.22.24.131 104.22.24.131 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 12 | 3 |
1
31.220.90.51
(Düsseldorf, Germany)
ASN51167 (CONTABO, DE)
PTR: server2.hostmane.net
ASN51167 (CONTABO, DE)
PTR: server2.hostmane.net
| buffalotrustonline.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 10 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9846 va.tawk.to — Cisco Umbrella Rank: 9510 |
141 KB |
| 1 |
buffalotrustonline.com
buffalotrustonline.com |
1 KB |
| 12 | 2 |
| Domain | Requested by | |
|---|---|---|
| 8 | embed.tawk.to |
buffalotrustonline.com
embed.tawk.to |
| 2 | va.tawk.to |
embed.tawk.to
|
| 1 | buffalotrustonline.com | |
| 12 | 3 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.buffalotrustonline.com R3 |
2023-11-01 - 2024-01-30 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-28 - 2024-04-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://buffalotrustonline.com/css/owl.video.play.html
Frame ID: 0AC7AE3A63CE22CA1A2DE691AFAF3CD8
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
12 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
owl.video.play.html
buffalotrustonline.com/css/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1fdaglh9h
embed.tawk.to/611bea2dd6e7610a49b0a253/ |
2 KB 922 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twk-main.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ |
121 B 262 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twk-vendor.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ |
81 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ |
212 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ |
215 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twk-runtime.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
twk-app.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/js/ |
151 B 206 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget-settings
va.tawk.to/v1/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
start
va.tawk.to/v1/session/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
start
va.tawk.to/v1/session/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
en.js
embed.tawk.to/_s/v4/app/653fa0ef1ea/languages/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- va.tawk.to
- URL
- https://va.tawk.to/v1/session/start
Verdicts & Comments Add Verdict or Comment
12 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| buffalotrustonline.com/ | Name: twk_idm_key Value: Gukmxbw755ujAmUlR4bM- |
|
| buffalotrustonline.com/ | Name: TawkConnectionTime Value: 1698966344513 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
buffalotrustonline.com
embed.tawk.to
va.tawk.to
va.tawk.to
104.22.24.131
31.220.90.51
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
3aa0d2740d1614237f6b7320ea1327440bf30ef6ba86f7ba9e8aa4c190029309
65bdbaaec1ff74d9df4fd4f956873670abb4889552ea955ba329a1c0c44ccd23
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
78278b5c1f2b851af38fe569a9544e265d53a0c0b6f592bb5117f9b2f40c556b
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
988a40deb30ca96a0db8ae7beaaa1bd27e94b484f10bf811384fc4b89dabf066
c402dac34a2ddb65a30763afd1e50c65ccd82117b61a773f2512bc6e2dace631
eee7b852ecab9fe329472a74c43963948e5fb59c0d353db2906cf24c472d0898