blockchaincomexplorer.z13.web.core.windows.net Open in urlscan Pro
52.239.152.65 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://blockchaincomexplorer.z13.web.core.windows.net/
Effective URL:
https://blockchaincomexplorer.z13.web.core.windows.net/
Submission: On June 11 via manual (June 11th 2019, 1:26:01 pm UTC) from CA

Summary HTTP 9 Redirects Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 9 HTTP transactions. The main IP is 52.239.152.65, located in Washington, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is blockchaincomexplorer.z13.web.core.windows.net.
TLS certificate: Issued by Microsoft IT TLS CA 5 on April 30th 2019. Valid for: 2 years.

This is the only time blockchaincomexplorer.z13.web.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Blockchain (Crypto Exchange)

Domain & IP information

	IP Address	AS Autonomous System
8	52.239.152.65 52.239.152.65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
1	118.97.116.2 118.97.116.2	17974 (TELKOMNET...) (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia)
9	2

8 52.239.152.65 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

blockchaincomexplorer.z13.web.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 118.97.116.2 (Jakarta, Indonesia)

ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID)
PTR: 2.subnet118-97-116.static.astinet.telkom.net.id

p01.notifa.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	windows.net blockchaincomexplorer.z13.web.core.windows.net	45 KB
1	notifa.info p01.notifa.info	986 B
9	2

	Domain	Requested by
8	blockchaincomexplorer.z13.web.core.windows.net	blockchaincomexplorer.z13.web.core.windows.net
1	p01.notifa.info	blockchaincomexplorer.z13.web.core.windows.net
9	2

This site contains no links.

Subject Issuer	Validity	Valid
*.web.core.windows.net Microsoft IT TLS CA 5	`2019-04-30` - `2021-04-30`	2 years	crt.sh
*.uzone.id COMODO RSA Domain Validation Secure Server CA	`2016-01-27` - `2019-01-26`	3 years	crt.sh

This page contains 1 frames:

Primary Page: https://blockchaincomexplorer.z13.web.core.windows.net/
Frame ID: 65CDACEF4AE6921A605C4DA200090D17
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

46 kB
Transfer

43 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

9 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
blockchaincomexplorer.z13.web.core.windows.net/ 4 KB
5 KB 659ms
102ms Document
text/html 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: b2fa491352e2d16022051f05c70a76a6ef801a21b6555c94e6198635852f4679

Request headers

Host: blockchaincomexplorer.z13.web.core.windows.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Length: 4477
Content-Type: text/html
Content-MD5: Uvtk7tyqo+fU0YUP1U+qCg==
Last-Modified: Thu, 06 Jun 2019 00:50:20 GMT
Accept-Ranges: bytes
ETag: "0x8D6EA18F3CE00EC"
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
x-ms-request-id: 12300442-b01e-0063-5459-20ee02000000
x-ms-version: 2018-03-28
Date: Tue, 11 Jun 2019 13:25:44 GMT

GET
H/1.1 200
OK 0112.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 18 KB
19 KB 335ms
132ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/0112.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c05380af61d626dd57101ff15027604cc4780561324f4482e74fb7dd6ca13318

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:44 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A9246FB71B"
Content-Type: image/png
x-ms-request-id: 12300490-b01e-0063-1859-20ee02000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 18675

GET
H/1.1 200
OK blockv.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 4 KB
4 KB 103ms
102ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/blockv.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 9ebb21fa38cb0f17d7929d54d2a02eccfd69e14e3917ab5b9f87c9532461c309

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:44 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A9249F340B"
Content-Type: image/png
x-ms-request-id: 1230045b-b01e-0063-6759-20ee02000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 4055

GET
H/1.1 200
OK data.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 2 KB
3 KB 391ms
97ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/data.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c8d389f0fcee8945d24c920813bee5ecb6a488e5516907386845af3538b60792

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:45 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A92535C29D"
Content-Type: image/png
x-ms-request-id: 4bbeb3e7-e01e-009e-2059-20d160000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 2395

GET
H/1.1 200
OK en.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 967 B
1 KB 456ms
120ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/en.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: f3e9331146bbe6fa8bcab174913e471c162562f1711a06dc1a605ec26f53a2f6

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:44 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:58 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A925689B87"
Content-Type: image/png
x-ms-request-id: 123004a3-b01e-0063-2b59-20ee02000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 967

GET
H/1.1 200
OK app.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 7 KB
7 KB 490ms
98ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/app.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 3c8027e47b41870fb0f3c1a9066cc230b16b178c569c1a7197a411966177cdf2

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:45 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:57 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A924DF0793"
Content-Type: image/png
x-ms-request-id: 4bbeb3f9-e01e-009e-3259-20d160000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 6853

GET
H/1.1 200
OK button2.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 1 KB
2 KB 553ms
96ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/button2.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: daf11702de48ec4fd2b7597e397ad16960b73c7e588d3fe73a026b162881fde4

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:45 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A924720174"
Content-Type: image/png
x-ms-request-id: 123004a9-b01e-0063-3159-20ee02000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 1282

GET
H/1.1 200
OK bgb3.png
blockchaincomexplorer.z13.web.core.windows.net/images/ 5 KB
5 KB 180ms
95ms Image
image/png 52.239.152.65
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://blockchaincomexplorer.z13.web.core.windows.net/images/bgb3.png
Requested by: Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.152.65 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e3e4b2f8f6432fbf222c2b7f02a2a1476faac8d1fa64bec83ab68c0127251ee7

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 11 Jun 2019 13:25:44 GMT
Last-Modified: Sun, 02 Jun 2019 22:24:56 GMT
Server: Windows-Azure-Web/1.0 Microsoft-HTTPAPI/2.0
ETag: "0x8D6E7A9246DE207"
Content-Type: image/png
x-ms-request-id: 12300487-b01e-0063-0f59-20ee02000000
x-ms-version: 2018-03-28
Accept-Ranges: bytes
Content-Length: 4941

GET
H/1.1 200
OK request Show response
p01.notifa.info/3fsmd3/ 393 B
986 B 970ms
191ms Script
text/javascript 118.97.116.2
TELKOMNET-AS2-AP ...

General

Check archive.org

Show headers Download Go to

Full URL

https://p01.notifa.info/3fsmd3/request?id=1&enc=9UwkxLgY9&params=4TtHaUQnUEiP6K%2fc5C582JKzDzTsXZH2Y%2bL9V8zempj7OqdQmMeF1qnwWWqKNgqon7ugOiw5l8n1paKmeAuGVphrMf0eMROEBoFfTJYqBZpfOtApdp7qCKLg62CC%2bIHIx1OFA6Dle0YhSJU7oNL3siiwz7eJ9TuuW9kuFnLEY3x2Aol1D8xevX%2bMN1Q8QhTuQC62PWqfCKA%2fVzaSBmOAfGVsWeHpkPfq%2flZ9WuYTsLf%2fFLLD0%2bjIPzelMXt1iyzp97SMyhvUg6l70EDP%2f2BbyExqwlDsI1vJ2gQzmWg5OrYcASi3XLGlhfyph4SjxnKN0CgQJ9HjeCHZNSie%2fo6iC0JJtJs145g46%2f4iUD2zGdUW3lHtFUgoL82bKtsUnnhSlMYstEV%2bUhlQ0Jcp%2fn%2f1MITvOxQKZD8pfiqijV2JCNy1ee%2fUVMtc5X10Wj50xcoqbP81y%2bbbs%2bP0nQashq2s4uXM%2bhUkI9VtJ7mZROXgth6tOMliAeGrizBjoQzxczOlfP32AFNHNiQwzpwJ6E%2f6ALAoQHerk2MgDZZ6iruVa7U%3d&idc_r=45024097602&domain=blockchaincomexplorer.z13.web.core.windows.net&sw=1600&sh=1200

Requested by

Host: blockchaincomexplorer.z13.web.core.windows.net
URL: https://blockchaincomexplorer.z13.web.core.windows.net/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

118.97.116.2 Jakarta, Indonesia, ASN17974 (TELKOMNET-AS2-AP PT Telekomunikasi Indonesia, ID),

Reverse DNS

2.subnet118-97-116.static.astinet.telkom.net.id

Software

Resource Hash

4bed72f44e8337fb4f0afe4e1567ba1a5cf11e6ca01d3d2d5ef286f46dbe5ad6

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://blockchaincomexplorer.z13.web.core.windows.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 11 Jun 2019 13:24:35 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=86400
Expires: 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Blockchain (Crypto Exchange)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

blockchaincomexplorer.z13.web.core.windows.net
p01.notifa.info
118.97.116.2
52.239.152.65
3c8027e47b41870fb0f3c1a9066cc230b16b178c569c1a7197a411966177cdf2
4bed72f44e8337fb4f0afe4e1567ba1a5cf11e6ca01d3d2d5ef286f46dbe5ad6
9ebb21fa38cb0f17d7929d54d2a02eccfd69e14e3917ab5b9f87c9532461c309
b2fa491352e2d16022051f05c70a76a6ef801a21b6555c94e6198635852f4679
c05380af61d626dd57101ff15027604cc4780561324f4482e74fb7dd6ca13318
c8d389f0fcee8945d24c920813bee5ecb6a488e5516907386845af3538b60792
daf11702de48ec4fd2b7597e397ad16960b73c7e588d3fe73a026b162881fde4
e3e4b2f8f6432fbf222c2b7f02a2a1476faac8d1fa64bec83ab68c0127251ee7
f3e9331146bbe6fa8bcab174913e471c162562f1711a06dc1a605ec26f53a2f6

blockchaincomexplorer.z13.web.core.windows.net Open in urlscan Pro 52.239.152.65 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

9 Requests

89 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

46 kBTransfer

43 kBSize

0 Cookies

0 Outgoing links

Redirected requests

9 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

8 JavaScript Global Variables

0 Cookies

Indicators

blockchaincomexplorer.z13.web.core.windows.net Open in urlscan Pro
52.239.152.65 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

9
Requests

89 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

46 kB
Transfer

43 kB
Size

0
Cookies

9 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!