blockchaincomexplorer.z13.web.core.windows.net
Open in
urlscan Pro
52.239.152.65
Malicious Activity!
Public Scan
Effective URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Submission: On June 11 via manual from CA
Summary
TLS certificate: Issued by Microsoft IT TLS CA 5 on April 30th 2019. Valid for: 2 years.
This is the only time blockchaincomexplorer.z13.web.core.windows.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Blockchain (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 52.239.152.65 52.239.152.65 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) | |
1 | 118.97.116.2 118.97.116.2 | 17974 (TELKOMNET...) (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia) | |
9 | 2 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
blockchaincomexplorer.z13.web.core.windows.net |
ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID)
PTR: 2.subnet118-97-116.static.astinet.telkom.net.id
p01.notifa.info |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
windows.net
blockchaincomexplorer.z13.web.core.windows.net |
45 KB |
1 |
notifa.info
p01.notifa.info |
986 B |
9 | 2 |
Domain | Requested by | |
---|---|---|
8 | blockchaincomexplorer.z13.web.core.windows.net |
blockchaincomexplorer.z13.web.core.windows.net
|
1 | p01.notifa.info |
blockchaincomexplorer.z13.web.core.windows.net
|
9 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.web.core.windows.net Microsoft IT TLS CA 5 |
2019-04-30 - 2021-04-30 |
2 years | crt.sh |
*.uzone.id COMODO RSA Domain Validation Secure Server CA |
2016-01-27 - 2019-01-26 |
3 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://blockchaincomexplorer.z13.web.core.windows.net/
Frame ID: 65CDACEF4AE6921A605C4DA200090D17
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
blockchaincomexplorer.z13.web.core.windows.net/ |
4 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0112.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
18 KB 19 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blockv.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
data.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
en.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
967 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
button2.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bgb3.png
blockchaincomexplorer.z13.web.core.windows.net/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
request
p01.notifa.info/3fsmd3/ |
393 B 986 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Blockchain (Crypto Exchange)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask function| unhideBody function| netbro_cache_analytics function| sync function| requestCfs function| loadFrame0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blockchaincomexplorer.z13.web.core.windows.net
p01.notifa.info
118.97.116.2
52.239.152.65
3c8027e47b41870fb0f3c1a9066cc230b16b178c569c1a7197a411966177cdf2
4bed72f44e8337fb4f0afe4e1567ba1a5cf11e6ca01d3d2d5ef286f46dbe5ad6
9ebb21fa38cb0f17d7929d54d2a02eccfd69e14e3917ab5b9f87c9532461c309
b2fa491352e2d16022051f05c70a76a6ef801a21b6555c94e6198635852f4679
c05380af61d626dd57101ff15027604cc4780561324f4482e74fb7dd6ca13318
c8d389f0fcee8945d24c920813bee5ecb6a488e5516907386845af3538b60792
daf11702de48ec4fd2b7597e397ad16960b73c7e588d3fe73a026b162881fde4
e3e4b2f8f6432fbf222c2b7f02a2a1476faac8d1fa64bec83ab68c0127251ee7
f3e9331146bbe6fa8bcab174913e471c162562f1711a06dc1a605ec26f53a2f6