webbuzz.io Open in urlscan Pro
78.46.105.27 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://museumstudies.me/tls/?s=FhHHdonyMxEDnxOE1KzkHMAlPXlwxhaD8LEIO7Q9LbcUZWOxNNBeKvv1V4zFdyNkOeySlJWsFxNB6
Effective URL:
https://webbuzz.io/wp-app/
Submission Tags: @phish_report
Submission: On June 14 via api (June 14th 2024, 3:11:21 am UTC) from FI — Scanned from FI

Summary HTTP 30 Redirects Links 51 Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 30 HTTP transactions. The main IP is 78.46.105.27, located in Germany and belongs to HETZNER-AS, DE. The main domain is webbuzz.io.
TLS certificate: Issued by R3 on April 24th 2024. Valid for: 3 months.

This is the only time webbuzz.io was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Crypto (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
1 1	77.72.82.24 77.72.82.24	7393 (CYBERCON) (CYBERCON)
4	78.46.105.27 78.46.105.27	24940 (HETZNER-AS) (HETZNER-AS)
2	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
22	104.18.27.46 104.18.27.46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	76.76.21.98 76.76.21.98	16509 (AMAZON-02) (AMAZON-02)
30	6

1 77.72.82.24 (St Louis, United States) 1 redirects

ASN7393 (CYBERCON, US)
PTR: cp17a.ezhostingserver.com

museumstudies.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 78.46.105.27 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: business500.mypowerfulserver.com

webbuzz.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.18.27.46 (None, )

ASN13335 (CLOUDFLARENET, US)

explorer-api.walletconnect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.98 (Walnut, United States)

ASN16509 (AMAZON-02, US)

pro.opensea.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	walletconnect.com explorer-api.walletconnect.com — Cisco Umbrella Rank: 66251	54 KB
4	webbuzz.io webbuzz.io	10 MB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	143 KB
1	opensea.io pro.opensea.io — Cisco Umbrella Rank: 848926	5 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 373	51 KB
1	museumstudies.me 1 redirects museumstudies.me	287 B
30	6

	Domain	Requested by
22	explorer-api.walletconnect.com	webbuzz.io
4	webbuzz.io	webbuzz.io
2	cdnjs.cloudflare.com	webbuzz.io
1	pro.opensea.io	webbuzz.io
1	cdn.jsdelivr.net	webbuzz.io
1	museumstudies.me	1 redirects
30	6

This site contains links to these domains. Also see Links.

Domain
pro.opensea.io
support.opensea.pro
discord.gg
x.com
opensea.io
raw.seadn.io
roadmap.opensea.pro

Subject Issuer	Validity	Valid
*.webbuzz.io R3	`2024-04-24` - `2024-07-23`	3 months	crt.sh
cdnjs.cloudflare.com E1	`2024-06-02` - `2024-08-31`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
walletconnect.com GTS CA 1P5	`2024-04-26` - `2024-07-25`	3 months	crt.sh
pro.opensea.io R3	`2024-05-13` - `2024-08-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://webbuzz.io/wp-app/
Frame ID: C1E17CD7094DE897C85747D1387F902F
Requests: 76 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://museumstudies.me/tls/?s=FhHHdonyMxEDnxOE1KzkHMAlPXlwxhaD8LEIO7Q9LbcUZWOxNNBeKvv1V4zFdyNkOeySl... HTTP 302
https://webbuzz.io/wp-app/ Page URL

Detected technologies

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

30
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

10744 kB
Transfer

27037 kB
Size

0
Cookies

51 Outgoing links

These are links going to different origins than the main page.

URL: https://pro.opensea.io/

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/watchlist
Title: Watchlist

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/portfolio
Title: Owned

Search URL Search Domain Scan URL

URL: https://support.opensea.pro/hc/en-us/articles/15883004937235-Which-marketplaces-does-OpenSea-Pro-support-
Title: 170 marketplaces

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/pixelmongen1
Title: 1Pixelmon - Generation 10.715-43.21%0.66417.03+196.64%439+306.48%2,653(21.11%)390/13K (3.1%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/milady
Title: 2Milady Maker4.797-6.85%4.74398.83+107.86%81+113.16%4,849(49.82%)509/9.7K (5.23%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/azuki
Title: 3Azuki4.352+0.05%4.31289.51+720.06%45+462.5%4,170(41.7%)241/10K (2.41%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/boredapeyachtclub
Title: 4Bored Ape Yacht Club11.891-1.8%11.4422233.82+26.86%19+26.67%5,358(53.59%)252/10K (2.52%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/degods-eth
Title: 5DeGods1.27-3.2%1.23207.64+159.4%160+166.67%1,964(34.7%)173/5.7K (3.06%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/pudgypenguins
Title: 6Pudgy Penguins10.44-2.42%9.93178.13+55.56%17+54.55%4,924(55.41%)255/8.9K (2.87%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/memelandcaptainz
Title: 7Memeland Captainz3.255+3.14%3.16177.37+170.04%52+147.62%3,726(37.26%)115/10K (1.15%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/mutant-ape-yacht-club
Title: 8Mutant Ape Yacht Club1.99-7.57%2.00171.95+79.57%83+88.64%11,457(58.77%)603/19K (3.09%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/remilio-babies
Title: 9Redacted Remilio Babies1.566-5.09%1.55138.96-24.67%88-24.79%4,153(45.28%)525/9.2K (5.72%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/kanpai-pandas
Title: 10Kanpai Pandas1.20+6.29%1.1684.56+58.91%75+59.57%3,083(38.67%)224/8K (2.81%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/trainersgen1
Title: 11Pixelmon Trainers - Generation 10.111-62.36%0.1172.05+278.85%394+277.88%1,320(18.86%)202/7K (2.89%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/azukielementals
Title: 12Azuki Elementals0.367-7.56%0.3664.03+84.25%157+273.81%5,519(34.28%)419/16K (2.6%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/lilpudgys
Title: 13Lil Pudgys0.83-2.01%0.828360.88-12.9%72-12.2%8,167(37.71%)846/22K (3.91%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/mocaverse
Title: 14Mocaverse3.77-4.02%3.6047.82+241.45%13+225%1,997(22.47%)81/8.9K (0.91%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/nexusnodes
Title: 15Nexus Nodes0.86-18.1%0.8247.50+274.74%53+307.69%833(24.99%)125/3.3K (3.75%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/matr1x-kuku
Title: 16MATR1X KUKU1.423-1.86%1.3445.30+32.47%32+33.33%2,041(30.62%)44/6.7K (0.66%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/chronoforge
Title: 17ChronoForge0.358-24.47%0.3143.98+205.35%112+250%1,335(17.8%)277/7.5K (3.69%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/cryptopunks
Title: 18CryptoPunks34.3018-0.86%0.1041.00-41.38%1-50%3,6211,156/10K (11.57%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/proof-moonbirds
Title: 19Moonbirds0.588-3.76%0.5636.03+728.5%61+771.43%5,763(57.64%)347/10K (3.47%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/overworld-incarna
Title: 20OVERWORLD INCARNA0.729-14.23%0.7228.95+106.12%37+184.62%1,780(29.67%)109/6K (1.82%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/azragames-thehopeful
Title: 21Azra Games - The Hopeful0.888-0.22%0.7327.98-3.28%36+9.09%1,419(25.54%)130/5.6K (2.34%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/onchainshiba
Title: 22OnChainShiba0.02+11.73%0.007426.77+149,436.29%13+1,200%299(9.97%)40/3K (1.33%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/cyberkongz-babies
Title: 23CyberKongz (Babies)0.759+16.93%0.6422.45+276.8%32+255.56%1,909(47.73%)78/4K (1.95%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/lasogette
Title: 24Lasogette0.135-20.62%0.121320.93+123.6%155+167.24%2,039(31.74%)309/6.4K (4.81%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/io-imaginary-ones
Title: 25IO: Imaginary Ones0.3595-7.11%0.29120.73+664.74%61+771.43%949(10.68%)135/8.9K (1.52%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/wassiesbywassies
Title: 26Wassies by Wassies0.37+8.06%0.2919.46+788.74%64+966.67%2,877(30.02%)183/9.6K (1.91%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/tglp-genesis
Title: 27Tenset TGLP Genesis1.196-20.27%1.0217.76+108.05%17+142.86%271(27.07%)19/1K (1.9%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/doodles-official
Title: 28Doodles1.579-1.19%1.5115.93+70.75%10+66.67%4,272(42.73%)309/10K (3.09%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/wolf-game
Title: 29Wolf Game0.169+20.8%0.1515.76-35.66%73-23.96%2,670(21%)314/13K (2.47%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/the-lab-scientists
Title: 30The Lab: Scientists10.00-32.89%6.5515.31-2-164(82%)11/200 (5.5%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/sproto-gremlins
Title: 31Sproto Gremlins0.6231+14.79%0.5314.48+119.4%26+100%1,254(37.67%)128/3.3K (3.84%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/sappy-seals
Title: 32Sappy Seals0.409+2.25%0.394714.42+13.05%36+20%1,606(16.06%)156/10K (1.56%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/bored-ape-kennel-club
Title: 33Bored Ape Kennel Club0.3925-1.13%0.385213.99+195.11%36+200%5,042(52.51%)345/9.6K (3.59%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/piratenation
Title: 34Pirate Nation - Founder's Pirates0.8169-17.23%0.7613.95-26.42%16-15.79%2,374(23.74%)208/10K (2.08%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/clonex
Title: 35CLONE X - X TAKASHI MURAKAMI0.483+3.21%0.461613.53+5.2%24+9.09%9,520(48.57%)623/20K (3.18%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/meta-monopoly
Title: 36Meta Monopoly0.45+9.76%0.320112.90+545%21+320%214(50.95%)103/420 (24.52%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/persona
Title: 37Persona0.232+2.65%0.2312.54+131.33%50+117.39%3,362(37.88%)464/8.9K (5.23%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/meebits
Title: 38Meebits0.461+2.67%0.444112.53+364.64%28+366.67%6,453(32.27%)612/20K (3.06%)

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/collection/pixels-farm
Title: 39Pixels - Farm Land1.325-1.76%1.2211.87-4.37%9-876(17.52%)81/5K (1.62%)

Search URL Search Domain Scan URL

URL: https://discord.gg/openseapro

Search URL Search Domain Scan URL

URL: https://x.com/openseapro

Search URL Search Domain Scan URL

URL: https://opensea.io/privacy
Title: Privacy

Search URL Search Domain Scan URL

URL: https://raw.seadn.io/files/OS_Pro_Terms_of_Service_Apr_2023.pdf
Title: Terms

Search URL Search Domain Scan URL

URL: https://roadmap.opensea.pro/
Title: Feedback

Search URL Search Domain Scan URL

URL: https://opensea.io/blog/articles/opensea-pro
Title: Blog

Search URL Search Domain Scan URL

URL: https://opensea.io/careers
Title: Hiring

Search URL Search Domain Scan URL

URL: https://pro.opensea.io/OS_Pro_Terms_of_Service_Apr_2023.pdf

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://museumstudies.me/tls/?s=FhHHdonyMxEDnxOE1KzkHMAlPXlwxhaD8LEIO7Q9LbcUZWOxNNBeKvv1V4zFdyNkOeySlJWsFxNB6 HTTP 302
https://webbuzz.io/wp-app/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
46 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request /
webbuzz.io/wp-app/
Redirect Chain

https://museumstudies.me/tls/?s=FhHHdonyMxEDnxOE1KzkHMAlPXlwxhaD8LEIO7Q9LbcUZWOxNNBeKvv1V4zFdyNkOeySlJWsFxNB6
https://webbuzz.io/wp-app/

13 MB
10 MB

283ms
75ms

Document
text/html

78.46.105.27
HETZNER-AS

General

Source	Level	URL Text
other	warning	URL: https://webbuzz.io/wp-app/(Line 1) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value
other	warning	URL: https://webbuzz.io/wp-app/(Line 28) Message: <link rel=preload> has an invalid `href` value

webbuzz.io Open in urlscan Pro 78.46.105.27 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

30 Requests

100 %HTTPS

17 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

10744 kBTransfer

27037 kBSize

0 Cookies

51 Outgoing links

Page URL History

Redirected requests

30 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 46 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

webbuzz.io Open in urlscan Pro
78.46.105.27 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

30
Requests

100 %
HTTPS

17 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

10744 kB
Transfer

27037 kB
Size

0
Cookies

30 HTTP transactions
46 data transactions