crytptpodlog.azurewebsites.net
20.49.104.41
Malicious Activity!
Public Scan
Effective URL: https://crytptpodlog.azurewebsites.net/
Submission: On May 10 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on March 10th 2023, valid for a year. This is Azure's shared *.azurewebsites.net wildcard certificate (listed in the certificate table further down), so it identifies the hosting platform, not whoever set up this page.
This is the only time crytptpodlog.azurewebsites.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Crypto.com (Crypto)

Domain & IP information

Requests | IP Address | AS (Autonomous System) | Domains served from this IP
---|---|---|---
10 (1 redirect) | 20.49.104.41 | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | crytptpodlog.azurewebsites.net
1 | 20.38.37.39 | ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | chat.officemyoffice.com
9 | 23.36.162.17 | ASN20940 (AKAMAI-ASN1, NL), PTR: a23-36-162-17.deploy.static.akamaitechnologies.com | cdn.livechatinc.com
5 | 23.36.162.205 | ASN20940 (AKAMAI-ASN1, NL), PTR: a23-36-162-205.deploy.static.akamaitechnologies.com | api.livechatinc.com, secure.livechatinc.com, accounts.livechatinc.com

Totals: 24 requests to 4 IP addresses. Both the phishing host and the chat loader host (chat.officemyoffice.com) sit in Microsoft's ASN8075; the two Akamai addresses serve LiveChat's own livechatinc.com domains.
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
14 | livechatinc.com | cdn.livechatinc.com (Cisco Umbrella Rank: 5442), api.livechatinc.com (Cisco Umbrella Rank: 5050), secure.livechatinc.com (Cisco Umbrella Rank: 6394), accounts.livechatinc.com (Cisco Umbrella Rank: 6956) | 387 KB
10 (1 redirect) | azurewebsites.net | crytptpodlog.azurewebsites.net | 894 KB
1 | officemyoffice.com | chat.officemyoffice.com | 1004 B

Totals: 24 requests across 3 apex domains.
Requests | Domain | Requested by
---|---|---
10 (1 redirect) | crytptpodlog.azurewebsites.net | crytptpodlog.azurewebsites.net
9 | cdn.livechatinc.com | chat.officemyoffice.com, secure.livechatinc.com
3 | api.livechatinc.com | cdn.livechatinc.com
1 | accounts.livechatinc.com | cdn.livechatinc.com
1 | secure.livechatinc.com | cdn.livechatinc.com
1 | chat.officemyoffice.com | crytptpodlog.azurewebsites.net

Totals: 24 requests across 6 domains. The load chain is: the phishing page requests livechat.js from chat.officemyoffice.com, that loader pulls LiveChat's tracking.js from cdn.livechatinc.com, and the tracker opens the widget frame on secure.livechatinc.com, which then talks to api.livechatinc.com and accounts.livechatinc.com.
This site contains no links.
Subject | Issuer | Validity | Valid for
---|---|---|---
*.azurewebsites.net | Microsoft Azure TLS Issuing CA 02 | 2023-03-10 to 2024-03-04 | a year
chat.officemyoffice.com | R3 (Let's Encrypt) | 2023-04-03 to 2023-07-02 | 3 months
livechat.com | DigiCert TLS RSA SHA256 2020 CA1 | 2023-02-09 to 2024-02-09 | a year

Each entry can be looked up on crt.sh. The phishing host presents Azure's shared *.azurewebsites.net wildcard, which carries no information about who registered the site; the only certificate issued for a domain under the operator's control is the Let's Encrypt one for chat.officemyoffice.com, issued about five weeks before this scan.
This page contains 3 frames:
Primary Page:
https://crytptpodlog.azurewebsites.net/
Frame ID: D6E185F63C098058B07D3DED800288FA
Requests: 14 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/customer/action/open_chat?license_id=15406401&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: 85FFEB0137E3019704E34D3E7E712F35
Requests: 9 HTTP requests in this frame
Frame:
https://cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
Frame ID: 9D8565671F52A01D49CFB844CCE4BC96
Requests: 1 HTTP request in this frame
Screenshot
Page Title
Crypto | LogIn
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
LiveChat (Live Chat)
Detected patterns
- cdn\.livechatinc\.com/.*tracking\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
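The patterns above are Wappalyzer-style fingerprints: a technology is reported when a regex matches page HTML or a resource URL, and a capture group, where present, carries the version. The following Python is an added example (not code from urlscan.io or from Wappalyzer) that runs these exact regexes over the resources recorded in this scan's transaction list. The assignment of each pattern to page HTML versus script URL, the constructed `<link>` tag standing in for the page's HTML (which the scan does not reproduce), and the `livechat_license_id` helper are this example's own assumptions. The helper pulls the `license_id` out of the widget frame URL listed under frames, since that value identifies the LiveChat account behind the page and is a natural pivot when hunting for related pages.

```python
import re
from urllib.parse import urlparse, parse_qs

# Fingerprint regexes copied from the "Detected technologies" list on this scan.
# Which kind of evidence each one is run against ("html" or "script" URL) is an
# assumption made for this example.
FINGERPRINTS = {
    "Bootstrap": [
        ("html", r"<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css"),
        ("script", r"bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js"),
    ],
    "LiveChat": [("script", r"cdn\.livechatinc\.com/.*tracking\.js")],
    "jQuery": [
        ("script", r"jquery[.-]([\d.]*\d)[^/]*\.js"),
        ("script", r"jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?"),
    ],
}

# Script URLs taken from the HTTP transaction list of this scan.
SCRIPT_URLS = [
    "https://crytptpodlog.azurewebsites.net/assets/js/jquery-3.5.1.min.js",
    "https://crytptpodlog.azurewebsites.net/assets/js/popper.js",
    "https://crytptpodlog.azurewebsites.net/assets/js/bootstrap.min.js",
    "https://chat.officemyoffice.com/livechat.js",
    "https://cdn.livechatinc.com/tracking.js",
]

# Constructed stand-in for the page HTML: the scan records a request for
# /assets/css/bootstrap.min.css but does not show the markup that caused it.
SAMPLE_HTML = '<link rel="stylesheet" href="/assets/css/bootstrap.min.css">'

# Frame URL of the embedded LiveChat widget, as listed under frames.
CHAT_FRAME_URL = (
    "https://secure.livechatinc.com/customer/action/open_chat"
    "?license_id=15406401&group=0&embedded=1&widget_version=3&unique_groups=0"
)


def fingerprint(html, script_urls):
    """Return {technology: version or None} for every fingerprint that fires.

    A technology is reported as soon as one of its patterns matches; the
    version comes from the first matching pattern that captured one.
    """
    found = {}
    for tech, patterns in FINGERPRINTS.items():
        for kind, pattern in patterns:
            haystacks = [html] if kind == "html" else script_urls
            for text in haystacks:
                m = re.search(pattern, text)
                if not m:
                    continue
                version = m.group(1) if m.groups() else None
                # a pattern that captured a version beats one that did not
                if tech not in found or (found[tech] is None and version):
                    found[tech] = version
    return found


def livechat_license_id(frame_url):
    """Extract license_id from a LiveChat open_chat frame URL (None if absent).

    Only URLs under livechatinc.com are considered, so an unrelated page that
    happens to carry a license_id parameter is not mistaken for the widget.
    """
    u = urlparse(frame_url)
    if not u.netloc.endswith("livechatinc.com"):
        return None
    ids = parse_qs(u.query).get("license_id", [])
    return ids[0] if ids else None


if __name__ == "__main__":
    for tech, version in fingerprint(SAMPLE_HTML, SCRIPT_URLS).items():
        print(f"{tech}: {version or 'version not captured'}")
    print("LiveChat license_id:", livechat_license_id(CHAT_FRAME_URL))
```

Run against this scan's resources the fingerprints report Bootstrap and LiveChat without a version (neither regex captures one from a `.min` filename) and jQuery 3.5.1 from the `jquery-3.5.1.min.js` path, matching what urlscan shows above; the license id comes back as 15406401.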
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
http://crytptpodlog.azurewebsites.net/
HTTP 301 ->
https://crytptpodlog.azurewebsites.net/ (final page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
- Primary request: http://crytptpodlog.azurewebsites.net/ (HTTP 301) -> https://crytptpodlog.azurewebsites.net/
24 HTTP transactions
Size is the decoded body size; x-fer is the number of bytes actually transferred on the wire.

# | Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Frame / notes
---|---|---|---|---|---|---|---|---|---
1 | GET | HTTP/1.1 | / | crytptpodlog.azurewebsites.net/ | 4 KB | 2 KB | Document | text/html | Primary request; redirect chain (HTTP 301 from http:// to https://)
2 | GET | HTTP/1.1 | all.min.css | crytptpodlog.azurewebsites.net/assets/css/ | 58 KB | 58 KB | Stylesheet | text/css |
3 | GET | HTTP/1.1 | bootstrap.min.css | crytptpodlog.azurewebsites.net/assets/css/ | 157 KB | 157 KB | Stylesheet | text/css |
4 | GET | HTTP/1.1 | style.css | crytptpodlog.azurewebsites.net/assets/css/ | 9 KB | 9 KB | Stylesheet | text/css |
5 | GET | HTTP/1.1 | logo.svg | crytptpodlog.azurewebsites.net/assets/images/ | 3 KB | 3 KB | Image | image/svg+xml |
6 | GET | HTTP/1.1 | bank_img.png | crytptpodlog.azurewebsites.net/assets/images/ | 1 KB | 2 KB | Image | image/png |
7 | GET | HTTP/1.1 | jquery-3.5.1.min.js | crytptpodlog.azurewebsites.net/assets/js/ | 87 KB | 88 KB | Script | application/javascript |
8 | GET | HTTP/1.1 | popper.js | crytptpodlog.azurewebsites.net/assets/js/ | 514 KB | 514 KB | Script | application/javascript |
9 | GET | HTTP/1.1 | bootstrap.min.js | crytptpodlog.azurewebsites.net/assets/js/ | 62 KB | 62 KB | Script | application/javascript |
10 | GET | HTTP/1.1 | livechat.js | chat.officemyoffice.com/ | 744 B | 1004 B | Script | application/javascript |
11 | GET | HTTP/2 | tracking.js | cdn.livechatinc.com/ | 86 KB | 26 KB | Script | application/javascript |
12 | GET | HTTP/2 | get_dynamic_configuration | api.livechatinc.com/v3.6/customer/action/ | 380 B | 595 B | Script | application/javascript |
13 | GET | HTTP/2 | get_configuration | api.livechatinc.com/v3.4/customer/action/ | 4 KB | 2 KB | Script | application/javascript |
14 | GET | HTTP/2 | open_chat | secure.livechatinc.com/customer/action/ | 9 KB | 3 KB | Document | text/html | Frame 85FF
15 | GET | HTTP/2 | get_localization | api.livechatinc.com/v3.4/customer/action/ | 11 KB | 4 KB | Script | application/javascript |
16 | GET | HTTP/2 | 1.744b3e3c.chunk.js | cdn.livechatinc.com/widget/static/js/ | 210 KB | 66 KB | Script | application/javascript | Frame 85FF
17 | GET | HTTP/2 | 0.c19a11f1.chunk.js | cdn.livechatinc.com/widget/static/js/ | 46 KB | 15 KB | Script | application/javascript | Frame 85FF
18 | GET | HTTP/2 | iframe.b3c48cb8.chunk.js | cdn.livechatinc.com/widget/static/js/ | 764 KB | 207 KB | Script | application/javascript | Frame 85FF
19 | GET | HTTP/2 | o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 | cdn.livechatinc.com/widget/ | 13 KB | 13 KB | Font | application/octet-stream | Frame 85FF
20 | GET | HTTP/2 | o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 | cdn.livechatinc.com/widget/ | 12 KB | 13 KB | Font | application/octet-stream | Frame 85FF
21 | POST | HTTP/2 | token | accounts.livechatinc.com/v2/customer/ | 195 B | 1 KB | XHR | application/json | Frame 85FF
22 | GET | HTTP/2 | o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 | cdn.livechatinc.com/widget/ | 13 KB | 13 KB | Font | application/octet-stream | Frame 85FF
23 | GET | HTTP/2 | o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 | cdn.livechatinc.com/widget/ | 12 KB | 13 KB | Font | application/octet-stream | Frame 85FF
24 | GET | HTTP/2 | o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 | cdn.livechatinc.com/widget/ | 12 KB | 13 KB | Font | application/octet-stream | Frame 9D85

Only rows 1 to 10 go to the phishing host and the loader host chat.officemyoffice.com; rows 11 to 24 are the stock LiveChat widget that livechat.js pulls in, served from LiveChat's own domains.
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan: Phishing against: Crypto.com (Crypto)

11 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
---|---
object | 0
object | 1
boolean | credentialless
function | $
function | jQuery
object | bootstrap
object | __lc
object | LiveChatWidget
function | preventBack
boolean | __lc_inited
object | LC_API

$ and jQuery come from jquery-3.5.1.min.js, bootstrap from bootstrap.min.js, and __lc, __lc_inited, LiveChatWidget and LC_API from the LiveChat widget. preventBack is a function the page itself defines; its name suggests it blocks the browser's back navigation, a behaviour commonly seen in phishing kits that want to keep the victim on the login form.

5 Cookies
Cookies are small pieces of information stored in the user's browser. Whenever the user visits the site again, the browser sends the cookie values along, which lets the website re-identify the user even from a different location. This is how persistent logins work.

Domain/Path | Expires | Name | Value
---|---|---|---
.accounts.livechatinc.com/v2/customer/token | | __lc_cid | 7b4e5f27-4d5d-4c7e-8507-3ca01e40f394
.accounts.livechatinc.com/v2/customer/token | | __lc_cst | 9266335a822ac51582942797b19b6333bba6577011aa85b778c09329574e0ea9c582fa82fba23646bfe5062dd421d8e4b21ac9e5684323ce1b151ab28eac
.accounts.livechatinc.com/customer/token | | __lc_cid | 7b4e5f27-4d5d-4c7e-8507-3ca01e40f394
.accounts.livechatinc.com/customer/token | | __lc_cst | 9266335a822ac51582942797b19b6333bba6577011aa85b778c09329574e0ea9c582fa82fba23646bfe5062dd421d8e4b21ac9e5684323ce1b151ab28eac
accounts.livechatinc.com/ | | __oauth_redirect_detector | counter=1&t=1683688772&tag=ca60373b4b19b607906ea5a1609449dfababfabc

All five cookies are set by LiveChat's accounts.livechatinc.com when the embedded widget fetches a customer token (the POST to /v2/customer/token in the transaction list); the phishing host itself set no cookies in this scan. The t=1683688772 value in __oauth_redirect_detector is a Unix timestamp for 2023-05-10 03:19:32 UTC, consistent with the submission date.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.livechatinc.com
api.livechatinc.com
cdn.livechatinc.com
chat.officemyoffice.com
crytptpodlog.azurewebsites.net
secure.livechatinc.com
20.38.37.39
20.49.104.41
23.36.162.17
23.36.162.205