cs2.xmxchat.com
45.207.58.30
Public Scan
Submission Tags: phishingrod
Submission: On July 12 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by E5 on July 11th 2024. Valid for: 3 months.
This is the only time cs2.xmxchat.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
11 | 45.207.58.30 | 133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited) |
15 | 2 |
ASN133199 (SONDERCLOUDLIMITED-AS-AP SonderCloud Limited, HK)
- cs2.xmxchat.com
- os1.xmxchat.com
 | Apex Domain Subdomains | Transfer |
---|---|---|
11 | xmxchat.com: cs2.xmxchat.com os1.xmxchat.com | 395 KB |
15 | 1 |
 | Domain | Requested by |
---|---|---|
9 | os1.xmxchat.com | cs2.xmxchat.com os1.xmxchat.com |
2 | cs2.xmxchat.com | cs2.xmxchat.com |
15 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
cs2.xmxchat.com E5 | 2024-07-11 - 2024-10-09 | 3 months | crt.sh |
os1.xmxchat.com E5 | 2024-07-11 - 2024-10-09 | 3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://cs2.xmxchat.com/
Frame ID: E206518F02B470A3D4A129BF695626B6
Requests: 4 HTTP requests in this frame
Frame:
https://os1.xmxchat.com/livechat
Frame ID: A58AF9953A39C1009E26461582CA8EAC
Requests: 11 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H2 | / (Primary Request) cs2.xmxchat.com/ | 2 KB 2 KB | Document text/html |
GET H2 | style.css cs2.xmxchat.com/ | 290 B 394 B | Stylesheet text/css |
GET H2 | rocketchat-livechat.min.js os1.xmxchat.com/livechat/ | 8 KB 3 KB | Script application/javascript |
GET H2 | livechat os1.xmxchat.com/ Frame A58A | 534 B 376 B | Document text/html |
GET H2 | 34248.85b13.js os1.xmxchat.com/livechat/ Frame A58A | 32 KB 11 KB | Script application/javascript |
GET H2 | polyfills.a34ad.js os1.xmxchat.com/livechat/ Frame A58A | 2 KB 961 B | Script application/javascript |
GET H2 | 77487.6fb16.js os1.xmxchat.com/livechat/ Frame A58A | 223 KB 72 KB | Script application/javascript |
GET H2 | bundle.26be7.js os1.xmxchat.com/livechat/ Frame A58A | 20 KB 9 KB | Script application/javascript |
GET H2 | 88157.chunk.7aaa4.js os1.xmxchat.com/livechat/ Frame A58A | 365 KB 96 KB | Script application/javascript |
GET H2 | 2728.chunk.18521.css os1.xmxchat.com/livechat/ Frame A58A | 58 KB 11 KB | Stylesheet text/css |
GET H2 | 2728.chunk.c0e33.js os1.xmxchat.com/livechat/ Frame A58A | 968 KB 189 KB | Script application/javascript |
GET | 39537.chunk.a4bdf.js os1.xmxchat.com/livechat/ Frame A58A | 0 0 | |
GET | favicon.ico cs2.xmxchat.com/ | 0 0 | |
POST | page.visited os1.xmxchat.com/api/v1/livechat/ Frame A58A | 0 0 | |
POST | page.visited os1.xmxchat.com/api/v1/livechat/ Frame A58A | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: os1.xmxchat.com
  URL: https://os1.xmxchat.com/livechat/39537.chunk.a4bdf.js
- Domain: cs2.xmxchat.com
  URL: https://cs2.xmxchat.com/favicon.ico
- Domain: os1.xmxchat.com
  URL: https://os1.xmxchat.com/api/v1/livechat/page.visited
- Domain: os1.xmxchat.com
  URL: https://os1.xmxchat.com/api/v1/livechat/page.visited
3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- function| getQueryString
- function| RocketChat

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cs2.xmxchat.com
os1.xmxchat.com
45.207.58.30