crystalhaze.gto-app.com
Open in
urlscan Pro
2620:1ec:bdf::60
Public Scan
URL:
https://crystalhaze.gto-app.com/rfx-portal/?code=U2FsdGVkX1+i63f4oQFhujdA6KGZ+ny8//WcwgL043o4a6Q0GLL9sOogWhKArK60
Submission: On July 01 via manual from US — Scanned from DE
Submission: On July 01 via manual from US — Scanned from DE
Summary
This website contacted 3 IPs
in 2 countries
across 4 domains to perform 15 HTTP transactions.
The main IP is 2620:1ec:bdf::60, located in
United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is crystalhaze.gto-app.com.
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on February 14th 2024. Valid for: 6 months.
This is the only time crystalhaze.gto-app.com was scanned on urlscan.io!
TLS certificate: Issued by GeoTrust Global TLS RSA4096 SHA256 20... on February 14th 2024. Valid for: 6 months.
This is the only time crystalhaze.gto-app.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 13 | 2620:1ec:bdf::60 2620:1ec:bdf::60 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:831::200a | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2a00:1450:400... 2a00:1450:4001:81c::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 15 | 3 |
13
2620:1ec:bdf::60
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| crystalhaze.gto-app.com | |
| apusecryhzeprfd01-a9ehanheaecychh8.a03.azurefd.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 11 |
gto-app.com
crystalhaze.gto-app.com |
9 MB |
| 2 |
azurefd.net
apusecryhzeprfd01-a9ehanheaecychh8.a03.azurefd.net |
452 B |
| 1 |
gstatic.com
fonts.gstatic.com |
16 KB |
| 1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83 |
1 KB |
| 15 | 4 |
| Domain | Requested by | |
|---|---|---|
| 11 | crystalhaze.gto-app.com |
crystalhaze.gto-app.com
|
| 2 | apusecryhzeprfd01-a9ehanheaecychh8.a03.azurefd.net |
crystalhaze.gto-app.com
|
| 1 | fonts.gstatic.com |
fonts.googleapis.com
|
| 1 | fonts.googleapis.com |
crystalhaze.gto-app.com
|
| 15 | 4 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| crystalhaze.gto-app.com GeoTrust Global TLS RSA4096 SHA256 2022 CA1 |
2024-02-14 - 2024-08-14 |
6 months | crt.sh |
| upload.video.google.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| *.gstatic.com WR2 |
2024-06-13 - 2024-09-05 |
3 months | crt.sh |
| *.azurefd.net Microsoft Azure RSA TLS Issuing CA 04 |
2024-05-10 - 2025-05-05 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://crystalhaze.gto-app.com/rfx-portal/?code=U2FsdGVkX1+i63f4oQFhujdA6KGZ+ny8//WcwgL043o4a6Q0GLL9sOogWhKArK60
Frame ID: 41CFCB7889C0B8D08C2AB746F87255B6
Requests: 14 HTTP requests in this frame
Screenshot
Page Title
GTO: RFX Management PortalDetected technologies
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
15 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
crystalhaze.gto-app.com/rfx-portal/ |
842 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css2
fonts.googleapis.com/ |
9 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.c8a3d91c.js
crystalhaze.gto-app.com/rfx-portal/static/js/ |
3 MB 969 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.0e403b60.css
crystalhaze.gto-app.com/rfx-portal/static/css/ |
646 KB 131 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
426.4e2e0bcd.chunk.js
crystalhaze.gto-app.com/rfx-portal/static/js/ |
60 KB 25 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
906.2045441b.chunk.css
crystalhaze.gto-app.com/rfx-portal/static/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
906.d305e7fd.chunk.js
crystalhaze.gto-app.com/rfx-portal/static/js/ |
9 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
crystalhaze.gto-app.com/rfx-portal/ |
15 KB 16 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
favicon.ico
crystalhaze.gto-app.com/rfx-portal/ |
15 KB 0 |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
get-otp-email-templates
apusecryhzeprfd01-a9ehanheaecychh8.a03.azurefd.net/api/v1/rfx-portal/ |
0 452 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Left-top-artwork.0072f7245f470a4987a7.png
crystalhaze.gto-app.com/rfx-portal/static/media/ |
53 KB 53 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Logo-Login-Page.39f51c78299d3853ac0e.png
crystalhaze.gto-app.com/rfx-portal/static/media/ |
33 KB 34 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Login-Background-Artwork.d0fc5fee223ab6049664.jpg
crystalhaze.gto-app.com/rfx-portal/static/media/ |
7 MB 7 MB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
get-otp-email-templates
apusecryhzeprfd01-a9ehanheaecychh8.a03.azurefd.net/api/v1/rfx-portal/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage object| webpackChunkrfx_portal0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
apusecryhzeprfd01-a9ehanheaecychh8.a03.azurefd.net
crystalhaze.gto-app.com
fonts.googleapis.com
fonts.gstatic.com
2620:1ec:bdf::60
2a00:1450:4001:81c::2003
2a00:1450:4001:831::200a
2b46fc19e49853a7edc9397db4fdb5941ce4d37eb1e7d7d771edb1f2ddc6a3ba
4234263cba04fb1ff851ee7956f7aa31e497bbce4097e144ca2d88a0004540e8
7599d3b4268990c7c5a08402f7e53b90c8834b52539dd96c767c20b0f15326c4
7b7d9330f26ef107c9f6c08f2b4650f0e9fc90281cee44bba190e51cda29df51
895f989cb0d82ec6567a17b01d5ed94685726bac903697eb69d43c24ed18bea9
8d6f17a18e9218af3588a9aaf5720f304fc048edfd39f870430cc4b268f641e9
af9e52b1788e243b0a07ba97a3de75df5845d00b896f1b83f38c42702a7ba690
ccf83772d5f0a6252bbad88a09689fb7f3a0f120061bc48b60471f417598e89e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e740f54a1470a5acebcf6ac7a8d03885434c53a55739344d64a415ac7700c119
f1a30e25fbdfdde8a515aca4beb3b33b0f83f2b0e5d09c7721ff6046536ad3cd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fc27119ccd83bcd2f271cc324f09858a8b30be2869c5205b756d14a12890d1e0