krakreuyneis.azurewebsites.net
Open in
urlscan Pro
20.119.8.59
Malicious Activity!
Public Scan
Submission: On March 02 via api from US — Scanned from US
Summary
TLS certificate: Issued by Microsoft Azure TLS Issuing CA 02 on January 26th 2024. Valid for: 5 months.
This is the only time krakreuyneis.azurewebsites.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Kraken (Crypto Exchange)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
12 | 20.119.8.59 20.119.8.59 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 44.240.92.49 44.240.92.49 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 2a04:4e42:600... 2a04:4e42:600::485 | 54113 (FASTLY) (FASTLY) | |
1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
10 | 2606:4700:10:... 2606:4700:10::ac43:2642 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:10:... 2606:4700:10::6816:1983 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
28 | 7 |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
krakreuyneis.azurewebsites.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-92-49.us-west-2.compute.amazonaws.com
htek4iohdq.js-delivr.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
azurewebsites.net
krakreuyneis.azurewebsites.net |
367 KB |
11 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 9772 va.tawk.to — Cisco Umbrella Rank: 9324 |
143 KB |
3 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 310 |
50 KB |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 760 |
24 KB |
1 |
js-delivr.com
htek4iohdq.js-delivr.com |
|
28 | 5 |
Domain | Requested by | |
---|---|---|
12 | krakreuyneis.azurewebsites.net |
krakreuyneis.azurewebsites.net
|
8 | embed.tawk.to |
krakreuyneis.azurewebsites.net
embed.tawk.to |
3 | va.tawk.to |
embed.tawk.to
|
3 | cdn.jsdelivr.net |
krakreuyneis.azurewebsites.net
|
1 | code.jquery.com |
krakreuyneis.azurewebsites.net
|
1 | htek4iohdq.js-delivr.com |
krakreuyneis.azurewebsites.net
|
28 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.azurewebsites.net Microsoft Azure TLS Issuing CA 02 |
2024-01-26 - 2024-06-27 |
5 months | crt.sh |
*.js-delivr.com Amazon RSA 2048 M03 |
2023-08-17 - 2024-09-13 |
a year | crt.sh |
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3 |
2023-09-27 - 2024-10-28 |
a year | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-28 - 2024-04-27 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://krakreuyneis.azurewebsites.net/
Frame ID: 81DB32474BC4CCBF544A32CDD8D063C9
Requests: 28 HTTP requests in this frame
Screenshot
Page Title
Sign in to Kraken - Kraken | Buy, Sell and Margin Trade Bitcoin (BTC) and Ethereum (ETH)Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Tawk.to (Live Chat) Expand
Detected patterns
- //embed\.tawk\.to
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr (CDN) Expand
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
krakreuyneis.azurewebsites.net/ |
12 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
htek4iohdq.js-delivr.com/js/hv6ic/ |
0 0 |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
32d8a9745eb685f77dcc.css
krakreuyneis.azurewebsites.net/assets/ |
222 KB 222 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
style.css
krakreuyneis.azurewebsites.net/assets/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
73dbd6c28a3a3af4ec83.css
krakreuyneis.azurewebsites.net/assets/ |
109 KB 110 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fcca1963fd2429253b30.css
krakreuyneis.azurewebsites.net/assets/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/ |
158 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
0
krakreuyneis.azurewebsites.net/assets/ |
0 225 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.slim.min.js
code.jquery.com/ |
71 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
popper.min.js
cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.js
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/ |
62 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sign-in.be3cefee3310f6615ae46fb1f9bc99c1.svg
krakreuyneis.azurewebsites.net/assets/images/ |
24 KB 25 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-left.ae9a49d767fa163a1e6943968638fdbe.svg
krakreuyneis.azurewebsites.net/assets/images/ |
151 B 368 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bg-right.f0ed0d853379e05ad03abef9d4c0d907.svg
krakreuyneis.azurewebsites.net/assets/images/ |
334 B 552 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Medium.316f646d9659afec6e78609e0b4efc76.woff2
krakreuyneis.azurewebsites.net/accounts/_next/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1hmf4esdv
embed.tawk.to/65ca4fba8d261e1b5f5f1e59/ |
2 KB 925 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Medium.06f64402ec63d60936026e40b2b49718.woff
krakreuyneis.azurewebsites.net/accounts/_next/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
IBMPlexSans-Medium.30caf0d84ce1532c49c9bb5b0a0de9b4.ttf
krakreuyneis.azurewebsites.net/accounts/_next/static/media/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-main.js
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ |
121 B 264 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-vendor.js
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ |
81 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ |
212 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ |
220 KB 44 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-runtime.js
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
twk-app.js
embed.tawk.to/_s/v4/app/65cc2ba794a/js/ |
151 B 207 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-settings
va.tawk.to/v1/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
start
va.tawk.to/v1/session/ |
64 B 365 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
start
va.tawk.to/v1/session/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
en.js
embed.tawk.to/_s/v4/app/65cc2ba794a/languages/ |
17 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Kraken (Crypto Exchange)16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| Popper object| bootstrap object| Tawk_API object| Tawk_LoadStart function| preventBack string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
krakreuyneis.azurewebsites.net/ | Name: twk_idm_key Value: 36LdUH7mgHfY4s6ZD-ty_ |
|
krakreuyneis.azurewebsites.net/ | Name: TawkConnectionTime Value: 0 |
6 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.jsdelivr.net
code.jquery.com
embed.tawk.to
htek4iohdq.js-delivr.com
krakreuyneis.azurewebsites.net
va.tawk.to
20.119.8.59
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2a04:4e42:200::649
2a04:4e42:600::485
44.240.92.49
04360fd4a808b39a7f6963ac0a40d99eb5142c215f1efa4318fea3006e74f655
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
27cd5132150fb75c99692d6a7a08e6c4675765c261e6fc5c8f0a79845cfe8556
3a585b6fea16288b0a8b6cbd87f2262454774ed346242edd62e4e91f3cff4033
4ff5b7e73e57301f33764e0c877a6638b8af829264b419aa17aaa61cb259ee18
4ffcc598ee6cff4692c1cea272cd8a2f195f6dec32473e94370d6cdcfa5fe601
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
73e4835337e0518df5f50e76ca82fc033cc105fcf144e0f20382dc645b979048
75b20e74e3effa00e4b62b9da6df7d7542d91cb4b50078b8365112d556a73a7e
786714b48a70a4dc9168814d519dbce33801b93ccbd7062150dc3b09fdc835aa
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
9a746d30dd22cb64c0d4f9a2043bb6d0a15d9acf25974935a895d0e5b6ca13e0
9d89d57843bacb5bc5b4b250470f293724ea2d9a0a4f6f13e3e52dd91142dd8e
aeacf416eb5106a0aa1ec3ce513db92d39d5d36ddd156e25cce0369fc4d115e5
aff29eca27e3fb1e25955b37dcb296d140a2857371d91783c12eb6f587b334ad
b034f4c4f0cbb897a07d312624bcc00303e651125ac0247a2cba0ee08b493741
cacf64c5ee3e6c93448f81614f7c6073cf685e90f14727e49e3fb4762901cd2a
d6af4e841ae21e4bf7308fa7ccd2ef434acc56d9ace0d6056e75234ac503d350
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e5f35d586c0e6a9a9d7187687be087580c40a5f8d0e52f0c4053bbc25c98db
edd03b96ae4ff7886406c59d7dfeeaa1b624a7da297bf2f92d0cb6b7f9633cba
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663
fe28dc38bc057f6eb11180235bbe458b3295a39b674d889075d3d9a0b5071d9f
fe384d6150fae0d1a52854c9a928969917ca8f715d6eb6045506292d0d017b39