opusbooking.it
Open in
urlscan Pro
51.255.31.180
Malicious Activity!
Public Scan
Effective URL: http://opusbooking.it/libraries/joomla/view/summrysucc/app/signin
Submission Tags: phishing malicious Search All
Submission: On February 24 via api from US
Summary
This is the only time opusbooking.it was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2402:ee80:59:... 2402:ee80:59:2::136 | 132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia) | |
2 8 | 51.255.31.180 51.255.31.180 | 16276 (OVH) (OVH) | |
1 | 2606:4700:303... 2606:4700:3035::ac43:c763 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 11 | 2.16.186.155 2.16.186.155 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
21 | 6 |
ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)
s.id |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-155.deploy.static.akamaitechnologies.com
cdn.livechatinc.com | |
secure.livechatinc.com | |
accounts.livechatinc.com | |
api.livechatinc.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
livechatinc.com
1 redirects
cdn.livechatinc.com secure.livechatinc.com accounts.livechatinc.com api.livechatinc.com |
298 KB |
8 |
opusbooking.it
2 redirects
opusbooking.it |
131 KB |
2 |
gstatic.com
fonts.gstatic.com |
20 KB |
1 |
googleapis.com
fonts.googleapis.com |
815 B |
1 |
js-codes.com
js-codes.com |
2 KB |
1 |
s.id
1 redirects
s.id |
779 B |
21 | 6 |
Domain | Requested by | |
---|---|---|
8 | opusbooking.it |
2 redirects
opusbooking.it
|
4 | secure.livechatinc.com |
cdn.livechatinc.com
|
4 | cdn.livechatinc.com |
opusbooking.it
secure.livechatinc.com |
2 | accounts.livechatinc.com |
1 redirects
cdn.livechatinc.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | api.livechatinc.com |
cdn.livechatinc.com
|
1 | fonts.googleapis.com |
secure.livechatinc.com
|
1 | js-codes.com |
opusbooking.it
|
1 | s.id | 1 redirects |
21 | 9 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-03 - 2021-08-03 |
a year | crt.sh |
livechat.com DigiCert Secure Site ECC CA-1 |
2020-07-16 - 2021-07-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
http://opusbooking.it/libraries/joomla/view/summrysucc/app/signin
Frame ID: 99DE1CAD752232866B8BD2DB052643E2
Requests: 13 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/licence/12473550/v2/open_chat.cgi?license=12473550&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Frame ID: FA06BE37FA0D02E695FC7D7E71CBEBB8
Requests: 7 HTTP requests in this frame
Frame:
https://accounts.livechatinc.com/static/postmessage.html
Frame ID: 260FF0F17917961DC3F36BB324F142CD
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://s.id/yh8Ao
HTTP 301
http://opusbooking.it/libraries/joomla/view/summrysucc/app/signin HTTP 302
http://opusbooking.it/libraries/joomla/view/summrysucc/app/index.php HTTP 302
http://opusbooking.it/libraries/joomla/view/summrysucc/app/signin Page URL
Detected technologies
Nginx (Web Servers) ExpandDetected patterns
- headers server /nginx(?:\/([\d.]+))?/i
LiveChat (Live Chat) Expand
Detected patterns
- script /cdn\.livechatinc\.com\/.*tracking\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://s.id/yh8Ao
HTTP 301
http://opusbooking.it/libraries/joomla/view/summrysucc/app/signin HTTP 302
http://opusbooking.it/libraries/joomla/view/summrysucc/app/index.php HTTP 302
http://opusbooking.it/libraries/joomla/view/summrysucc/app/signin Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- https://accounts.livechatinc.com/customer?license_id=12473550&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F12473550%2Fv2%2Fopen_chat.cgi&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F12473550%2Fv2%2Fopen_chat.cgi&state=%40livechat%2Fcustomer-auth HTTP 302
- https://accounts.livechatinc.com/static/postmessage.html
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
signin
opusbooking.it/libraries/joomla/view/summrysucc/app/ Redirect Chain
|
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
signin.css
opusbooking.it/libraries/joomla/view/summrysucc/app/lib/styles/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.3.1.min.js
opusbooking.it/libraries/joomla/view/summrysucc/app/lib/js/ |
85 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
js-codes.com/modernizr/2.9.0/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_official.svg
opusbooking.it/libraries/joomla/view/summrysucc/app/lib/pics/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p_small_regular.woff
opusbooking.it/libraries/joomla/view/summrysucc/app/lib/fonts/ |
46 KB 46 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p_small_light.woff
opusbooking.it/libraries/joomla/view/summrysucc/app/lib/fonts/ |
46 KB 46 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
cdn.livechatinc.com/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get_dynamic_config.js
secure.livechatinc.com/licence/12473550/v2/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get_static_config.0.72.1.1.7.12.6.7.1.2.1.2.3.js
secure.livechatinc.com/licence/12473550/v2/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open_chat.cgi
secure.livechatinc.com/licence/12473550/v2/ Frame FA06 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
localization.en.0.f18dd4d9fb0b965b3781bba9707f6877_72778ff78ec87666f3fedb225356c718.js
secure.livechatinc.com/licence/12473550/v2/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame FA06 |
5 KB 815 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.4f9dfea7.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame FA06 |
413 KB 132 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.f0a6f3db.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame FA06 |
363 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ Frame FA06 |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ Frame FA06 |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postmessage.html
accounts.livechatinc.com/static/ Frame 260F Redirect Chain
|
553 B 491 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
info
api.livechatinc.com/v3.2/customer/rtm/sjs/ Frame FA06 |
79 B 298 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cdn.livechatinc.com/cloud/ |
28 KB 28 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
get_localization
api.livechatinc.com/v3.3/customer/action/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- api.livechatinc.com
- URL
- https://api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12473550&version=f18dd4d9fb0b965b3781bba9707f6877_72778ff78ec87666f3fedb225356c718&language=en&group_id=0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| html5 object| Modernizr object| __lc object| LiveChatWidget boolean| __lc_inited object| LC_API2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.livechatinc.com/licence/12473550 | Name: __livechat Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1614207480%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1614207480.7a9b7ee6e7%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0 |
|
opusbooking.it/ | Name: PHPSESSID Value: agpij0ir518mt94ru2ma90hngk |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.livechatinc.com
api.livechatinc.com
cdn.livechatinc.com
fonts.googleapis.com
fonts.gstatic.com
js-codes.com
opusbooking.it
s.id
secure.livechatinc.com
api.livechatinc.com
2.16.186.155
2402:ee80:59:2::136
2606:4700:3035::ac43:c763
2a00:1450:4001:810::2003
2a00:1450:4001:829::200a
51.255.31.180
041c3ada5870be9c2c8115cb1623d35033d3828515a52f08017dcae99e32873f
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
27f884b49f41d8caa5b249ba5646e6532d3d610255684307ab2496bd18e3fe2e
2ba83576248901fd4ffd5bdde2833366330fc3cecc0434c66042712695337a2c
35ebe301227a4a539144cd8b195fd1e2cdb941cf00bb9e8de8e58c66b6f1e313
43985f0f3f58324561bb1f9356e83bbf04e505cbdad20172b36635423affd43d
5eaa8e6334b9450092340faa08d14b61ffedd87e31cff88527bff8a0d000e099
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab
a45f63f61c88cc44619421c30171781ba0e4fd10d723da958343227c578894ca
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b23c0b83a601504ebc54a84623a2ae2b7cdf7208892499597401af735b35a832
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
d2259a6946b2dff26a9434a229af9bef0b9935121b4e1dea79b9ca1699ba2cf8
d9e5cb28669da77af8cfe722f9d35d75e26a29572fb56d08919e0f039c7b4767
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
f206c64dec994a776eff9b76430a7610464d9fd8a6d10bee80e58b01db47b76e