w.restore-mainnet.buzz
95.217.105.242
Public Scan
Submission Tags: cryptocurrency phishing scam
Submission: On February 27 via api from US — Scanned from FI
Summary
TLS certificate: Issued by R3 on February 4th 2023. Valid for: 3 months.
This is the only time w.restore-mainnet.buzz was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
13 | 95.217.105.242 | 24940 (HETZNER-AS) |
4 | 185.244.36.216 | 62068 (SPECTRAIP SpectraIP B.V.) |
18 | 3 | |

ASN24940 (HETZNER-AS, DE)
PTR: static.242.105.217.95.clients.your-server.de
w.restore-mainnet.buzz

ASN62068 (SPECTRAIP SpectraIP B.V., NL)
PTR: s12.ams2.web.phanes.cloud
securevalidation.network
 | Apex Domain (Subdomains) | Transfer |
---|---|---|
13 | restore-mainnet.buzz (w.restore-mainnet.buzz) | 212 KB |
4 | securevalidation.network (securevalidation.network) | |
0 | Failed | |
18 | 3 | |
 | Domain | Requested by |
---|---|---|
13 | w.restore-mainnet.buzz | w.restore-mainnet.buzz |
4 | securevalidation.network | w.restore-mainnet.buzz |
0 | kmendfapggjehodndflmmgagdbamhnfd (Failed) | w.restore-mainnet.buzz |
18 | 3 | |
This site contains links to these domains.
Domain |
---|
app.defisaver.com |
medium.com |
discord.gg |
twitter.com |
github.com |
help.defisaver.com |
wallet.coinbase.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
w.restore-mainnet.buzz | R3 | 2023-02-04 - 2023-05-05 | 3 months |
securevalidation.network | R3 | 2022-12-09 - 2023-03-09 | 3 months |
This page contains 4 frames:
Primary Page:
https://w.restore-mainnet.buzz/phrase.php?wallet=MetaMask
Frame ID: EAB73B0F8E50DA9117408DA551B42B0C
Requests: 12 HTTP requests in this frame
Frame:
https://w.restore-mainnet.buzz/index_1.html
Frame ID: 93F6697FE70CD61E08C64C07D92304A3
Requests: 4 HTTP requests in this frame
Frame:
chrome-extension://kmendfapggjehodndflmmgagdbamhnfd/u2f-comms.html
Frame ID: A74EDA46C688E3499D7C7B2400AD74A2
Requests: 1 HTTP requests in this frame
Frame:
https://w.restore-mainnet.buzz/index_2.html
Frame ID: 0F21101D7EFDA4BC2BC570BD60F28CF2
Requests: 1 HTTP requests in this frame
20 Outgoing links
These are links going to different origins than the main page.
Title: MakerDAO
Title: Compound
Title: Aave
Title: Reflexer
Title: Liquity
Title: Smart Savings
Title: Exchange
Title: Loan Shifter
Title: Recipe Creator
Title: Bridge
Title: What's new
Title: Terms of service
Title: Privacy Policy
Title: Stats
Title: Help
Title: Coinbase Wallet
Redirected requests
There were HTTP redirect chains for the following requests:
18 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | phrase.php (Primary Request) | w.restore-mainnet.buzz/ | 897 KB | 149 KB | Document | text/html |
GET | H2 | css2.css | w.restore-mainnet.buzz/ | 10 KB | 554 B | Stylesheet | text/css |
GET | H2 | css.css | w.restore-mainnet.buzz/ | 5 KB | 489 B | Stylesheet | text/css |
GET | H2 | defisaver-logo.svg | w.restore-mainnet.buzz/ | 3 KB | 2 KB | Image | image/svg+xml |
GET | H2 | JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 | w.restore-mainnet.buzz/ | 30 KB | 30 KB | Font | font/woff2 |
GET | H3 | page-portfolio.svg | w.restore-mainnet.buzz/ | 702 B | 662 B | Image | image/svg+xml |
GET | H3 | b88934883c5234067b6eccaaf184a9d3067777b7.svg | w.restore-mainnet.buzz/ | 181 B | 200 B | Image | image/svg+xml |
GET | H3 | index_1.html | w.restore-mainnet.buzz/ (Frame 93F6) | 97 KB | 12 KB | Document | text/html |
GET | | u2f-comms.html | kmendfapggjehodndflmmgagdbamhnfd/ (Frame A74E) | 0 | 0 | | |
GET | H3 | index_2.html | w.restore-mainnet.buzz/ (Frame 0F21) | 1 KB | 1 KB | Document | text/html |
GET | H3 | trans.gif | w.restore-mainnet.buzz/ | 42 B | 60 B | Image | image/gif |
GET | H2 | 48db4be35a6ea391878d6817d025d3275207f4a0.svg | securevalidation.network/app/ | 0 | 0 | Image | text/html |
GET | H2 | 67b1af6a7413f2bc2b55295a4dc220e2332b696b.svg | securevalidation.network/app/ | 0 | 0 | Image | text/html |
GET | H2 | 960bd460e1fa1c799adb6a04d4e0e984b7c40f95.svg | securevalidation.network/app/ | 0 | 0 | Image | text/html |
GET | H2 | ae30a0db41534a2a9125d6831c28fb6b691d745b.svg | securevalidation.network/app/ | 0 | 0 | Image | text/html |
GET | H3 | css2-1.css | w.restore-mainnet.buzz/ (Frame 93F6) | 21 KB | 682 B | Stylesheet | text/css |
GET | H3 | _.html | w.restore-mainnet.buzz/ (Frame 93F6) | 0 | 0 | Other | text/html |
GET | H3 | HelveticaNeueCyr-Bold.woff | w.restore-mainnet.buzz/ (Frame 93F6) | 14 KB | 14 KB | Font | font/woff |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: kmendfapggjehodndflmmgagdbamhnfd
- URL: chrome-extension://kmendfapggjehodndflmmgagdbamhnfd/u2f-comms.html
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object | 0
- object | 1
- object | 2
- boolean | credentialless

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.