9dcx.buzz
Open in
urlscan Pro
2606:4700:3030::6815:113
Malicious Activity!
Public Scan
Submission Tags: https://phish.report @phish_report Search All
Submission: On April 09 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by GTS CA 1P5 on April 4th 2023. Valid for: 3 months.
This is the only time 9dcx.buzz was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Scam (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
13 | 2606:4700:303... 2606:4700:3030::6815:113 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
3 | 2a00:1450:400... 2a00:1450:4001:82a::2008 | 15169 (GOOGLE) (GOOGLE) | |
2 | 108.138.7.86 108.138.7.86 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2606:4700:e2:... 2606:4700:e2::ac40:840f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:82b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2600:9000:249... 2600:9000:2491:b400:d:e9c:2500:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:80b::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 2606:4700::68... 2606:4700::6810:5814 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 2001:4860:480... 2001:4860:4802:32::36 | 15169 (GOOGLE) (GOOGLE) | |
5 | 2600:9000:249... 2600:9000:2491:b600:1c:8de0:8c80:21 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a00:1450:400... 2a00:1450:4001:812::2003 | 15169 (GOOGLE) (GOOGLE) | |
33 | 11 |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-86.fra56.r.cloudfront.net
cdn.linearicons.com |
ASN16509 (AMAZON-02, US)
d2bb5k76l7oivo.cloudfront.net |
ASN16509 (AMAZON-02, US)
d2punpeg7vtjci.cloudfront.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
9dcx.buzz
9dcx.buzz |
541 KB |
6 |
cloudfront.net
d2bb5k76l7oivo.cloudfront.net d2punpeg7vtjci.cloudfront.net |
25 KB |
4 |
google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2284 |
331 B |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
245 KB |
2 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 ajax.googleapis.com — Cisco Umbrella Rank: 357 |
31 KB |
2 |
linearicons.com
cdn.linearicons.com — Cisco Umbrella Rank: 47355 |
24 KB |
1 |
gstatic.com
fonts.gstatic.com |
30 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 374 |
7 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1034 |
12 KB |
33 | 9 |
Domain | Requested by | |
---|---|---|
13 | 9dcx.buzz |
9dcx.buzz
|
5 | d2punpeg7vtjci.cloudfront.net |
d2bb5k76l7oivo.cloudfront.net
|
4 | region1.google-analytics.com |
www.googletagmanager.com
|
3 | www.googletagmanager.com |
9dcx.buzz
www.googletagmanager.com |
2 | cdn.linearicons.com |
9dcx.buzz
cdn.linearicons.com |
1 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.jsdelivr.net |
9dcx.buzz
|
1 | ajax.googleapis.com |
9dcx.buzz
|
1 | d2bb5k76l7oivo.cloudfront.net |
9dcx.buzz
|
1 | fonts.googleapis.com |
9dcx.buzz
|
1 | use.fontawesome.com |
9dcx.buzz
|
33 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.9dcx.buzz GTS CA 1P5 |
2023-04-04 - 2023-07-03 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
cdn.linearicons.com Amazon RSA 2048 M01 |
2023-02-23 - 2024-01-20 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-06-06 - 2023-06-05 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-03-20 - 2023-06-12 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://9dcx.buzz/
Frame ID: E7A707F8A6C3EA4C1FD3A373B26DC4E8
Requests: 33 HTTP requests in this frame
Screenshot
Page Title
Robux Generator | 3dcx.seDetected technologies
particles.js (JavaScript Graphics) ExpandDetected patterns
- <div id="particles-js">
- /particles(?:\.min)?\.js
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
animate.css (Web Frameworks) Expand
Detected patterns
- <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Font Awesome (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtag/js
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
9dcx.buzz/ |
5 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
235 KB 81 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-font.min.css
cdn.linearicons.com/free/1.0.0/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
use.fontawesome.com/releases/v5.5.0/css/ |
50 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
5 KB 932 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
9dcx.buzz/css/ |
152 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
animate.css
9dcx.buzz/css/ |
76 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
magnific-popup.css
9dcx.buzz/css/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
9dcx.buzz/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3c21df7.js
d2bb5k76l7oivo.cloudfront.net/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
243 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo.png
9dcx.buzz/img/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ |
82 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
particles.min.js
cdn.jsdelivr.net/particles.js/2.0.0/ |
23 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ion.sound.min.js
9dcx.buzz/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
9dcx.buzz/js/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 242 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
html.3325057.f5421.0.js
d2punpeg7vtjci.cloudfront.net/public/external/v2/ |
9 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css_front.css
d2punpeg7vtjci.cloudfront.net/public/external/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
243 KB 82 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main-bg.jpg
9dcx.buzz/img/ |
139 KB 140 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
header-bg.jpg
9dcx.buzz/img/ |
300 KB 300 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
memjYa2wxmKQyPMrZX79wwYZQMhsyuSLiIvS.woff2
fonts.gstatic.com/s/saira/v14/ |
29 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Linearicons-Free.woff2
cdn.linearicons.com/free/1.0.0/ |
21 KB 22 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 55 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
click.mp3
9dcx.buzz/audio/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
injectionprocess.mp3
9dcx.buzz/audio/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
verification.mp3
9dcx.buzz/audio/ |
1 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
d2punpeg7vtjci.cloudfront.net/public/clockers/CustomButton/ |
1010 B 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
guid
d2punpeg7vtjci.cloudfront.net/public/ |
0 276 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
check.php
d2punpeg7vtjci.cloudfront.net/public/external/ |
78 B 372 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
region1.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Scam (Online)44 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless function| gtag object| dataLayer object| CPABUILDSETTINGS object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| CPABUILDContentLocker number| __cfRLUnblockHandlers function| CPBContentLocker function| CPABuildLock function| CPABuildGetFeedURL function| CPABuildGetIframeURL function| CPABuildGetIframeHTML function| CPABuildUnlock function| CPABuildOfferComplete function| CPABuildOffersComplete function| CPABuildCheckForLead function| og_load function| CPABuildComplete function| call_locker function| $ function| jQuery function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS object| ion object| human_verification_timer string| $niche_name string| $console_message_1_1 string| $console_message_1_2 string| $console_message_2 string| $console_message_3 string| $console_message_4 string| $console_message_5 string| $console_message_6 number| $sound_setting4 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.9dcx.buzz/ | Name: _ga Value: GA1.1.1236221868.1681047875 |
|
.9dcx.buzz/ | Name: _ga_H24Y5172VC Value: GS1.1.1681047874.1.0.1681047874.0.0.0 |
|
9dcx.buzz/ | Name: _cpguid Value: 6nfqso16l |
|
.9dcx.buzz/ | Name: _ga_1M65CF6JZS Value: GS1.1.1681047874.1.0.1681047874.0.0.0 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
9dcx.buzz
ajax.googleapis.com
cdn.jsdelivr.net
cdn.linearicons.com
d2bb5k76l7oivo.cloudfront.net
d2punpeg7vtjci.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
region1.google-analytics.com
use.fontawesome.com
www.googletagmanager.com
108.138.7.86
2001:4860:4802:32::36
2600:9000:2491:b400:d:e9c:2500:21
2600:9000:2491:b600:1c:8de0:8c80:21
2606:4700:3030::6815:113
2606:4700::6810:5814
2606:4700:e2::ac40:840f
2a00:1450:4001:80b::200a
2a00:1450:4001:812::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200a
04ace6f2dd8e4fe22d51727b69c9d36081423ebd46c73068e74fdd8073dfdffd
0f642beb218e1d08c2e52fbe7010f0a7477282e5b6d0738fc89b83280fdf9fa2
151450ec93865315bcbad0124b8237baf25a1a9e922e3f0618f98876267c0c87
1520e67c06c2b44c67aec9833b5f1c5324c2cc8842d82f7cc3509adc34c95a0a
1ffa53f643b4354385bf7953613aceff9a34b42bbaf15443aa9ce4006c159d2f
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
296945e5922e764eef17b1b4a3ee3e60dc202b3c7f074150b62158915bf74e33
31ca8fc4bb190118851959f282909af4a8f6e782b69dcfbe00094ffc010878b3
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5eead62a5f47638f96bf29c096ab957d54bed0790f3005c5037700c90be51f37
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
86042c440b512c5faf1d1b6119ba406a130652709a4fcc6f9ae12c26a1142c2d
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b
a26e93cd74267757d1dc1ca2a996b3dcd812f7bbf4d14b203faad20684bd226d
a6bd510fcb0a3e7e274824c8272223a2d9d664ce6634559f18200f9fc0bb4371
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec
b0c075a36b9e734800468958ed91ad4f7f9610c38b401d25cedb179d9a90e7c1
c56b2181be85a68f703ebfc9099f0884a61ca549a69255cb25ab14b8b08c763f
d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef195f5f94d922a4e67e7bc5e935b824b72e8b72e10aedc7d53de7b2c7053371
f60bde05f91379b7b4fd43d1b50b06a2bab2ffbb3d4b1e28c849f823103fe2da
f76921647444b4eb480af537d55f864e8852e709f0bfc04c04ab58c33841fa4e
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6