daytopia.ng
Open in
urlscan Pro
68.65.120.94
Malicious Activity!
Public Scan
Effective URL: https://daytopia.ng/mgghyer/binff/Charone/app/signin
Submission: On March 01 via manual from US
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 9th 2021. Valid for: a year.
This is the only time daytopia.ng was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: PayPal (Financial)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2402:ee80:59:... 2402:ee80:59:2::136 | 132647 (IDNIC-PAN...) (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia) | |
3 9 | 68.65.120.94 68.65.120.94 | 22612 (NAMECHEAP...) (NAMECHEAP-NET) | |
1 | 2606:4700:303... 2606:4700:3035::ac43:c763 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
8 | 104.126.36.192 104.126.36.192 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 6 | 2.16.186.163 2.16.186.163 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:800::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:810::2003 | 15169 (GOOGLE) (GOOGLE) | |
23 | 6 |
ASN132647 (IDNIC-PANDI-AS-ID Pengelola Nama Domain Internet Indonesia, ID)
s.id |
ASN22612 (NAMECHEAP-NET, US)
PTR: host73.registrar-servers.com
daytopia.ng |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-126-36-192.deploy.static.akamaitechnologies.com
cdn.livechatinc.com | |
cdn.livechat-files.com | |
cdn.livechat-static.com |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com
secure.livechatinc.com | |
accounts.livechatinc.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
12 |
livechatinc.com
1 redirects
cdn.livechatinc.com secure.livechatinc.com accounts.livechatinc.com |
316 KB |
9 |
daytopia.ng
3 redirects
daytopia.ng |
130 KB |
2 |
gstatic.com
fonts.gstatic.com |
20 KB |
1 |
livechat-static.com
cdn.livechat-static.com |
365 KB |
1 |
livechat-files.com
cdn.livechat-files.com |
5 KB |
1 |
googleapis.com
fonts.googleapis.com |
814 B |
1 |
js-codes.com
js-codes.com |
2 KB |
1 |
s.id
1 redirects
s.id |
754 B |
23 | 8 |
Domain | Requested by | |
---|---|---|
9 | daytopia.ng |
3 redirects
daytopia.ng
|
6 | cdn.livechatinc.com |
daytopia.ng
secure.livechatinc.com |
4 | secure.livechatinc.com |
cdn.livechatinc.com
|
2 | accounts.livechatinc.com |
1 redirects
cdn.livechatinc.com
|
2 | fonts.gstatic.com |
fonts.googleapis.com
|
1 | cdn.livechat-static.com | |
1 | cdn.livechat-files.com | |
1 | fonts.googleapis.com |
secure.livechatinc.com
|
1 | js-codes.com |
daytopia.ng
|
1 | s.id | 1 redirects |
23 | 10 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
daytopia.ng Sectigo RSA Domain Validation Secure Server CA |
2021-02-09 - 2022-03-12 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2020-08-03 - 2021-08-03 |
a year | crt.sh |
livechat.com DigiCert Secure Site ECC CA-1 |
2020-07-16 - 2021-07-16 |
a year | crt.sh |
upload.video.google.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
*.gstatic.com GTS CA 1O1 |
2021-01-26 - 2021-04-20 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://daytopia.ng/mgghyer/binff/Charone/app/signin
Frame ID: 8E530361A6C078AF5D46309C40F6A841
Requests: 13 HTTP requests in this frame
Frame:
https://secure.livechatinc.com/licence/12655146/v2/open_chat.cgi?license=12655146&group=0&embedded=1&widget_version=3&unique_groups=0&localization_improvement=1
Frame ID: 2771D14F74852A14945E0B40DF824D31
Requests: 9 HTTP requests in this frame
Frame:
https://accounts.livechatinc.com/static/postmessage.html
Frame ID: 597BBF5D5210956E34DE017C3F94128E
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://s.id/yqove
HTTP 301
https://daytopia.ng/mgghyer/binff/Charone HTTP 301
https://daytopia.ng/mgghyer/binff/Charone/ HTTP 302
https://daytopia.ng/mgghyer/binff/Charone/app/index HTTP 302
https://daytopia.ng/mgghyer/binff/Charone/app/signin Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
LiveChat (Live Chat) Expand
Detected patterns
- script /cdn\.livechatinc\.com\/.*tracking\.js/i
Modernizr (JavaScript Libraries) Expand
Detected patterns
- script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]([\d.]*\d)[^/]*\.js/i
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://s.id/yqove
HTTP 301
https://daytopia.ng/mgghyer/binff/Charone HTTP 301
https://daytopia.ng/mgghyer/binff/Charone/ HTTP 302
https://daytopia.ng/mgghyer/binff/Charone/app/index HTTP 302
https://daytopia.ng/mgghyer/binff/Charone/app/signin Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 16- https://accounts.livechatinc.com/customer?license_id=12655146&flow=button&response_type=token&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&redirect_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F12655146%2Fv2%2Fopen_chat.cgi&post_message_uri=https%3A%2F%2Fsecure.livechatinc.com%2Flicence%2F12655146%2Fv2%2Fopen_chat.cgi&state=%40livechat%2Fcustomer-auth HTTP 302
- https://accounts.livechatinc.com/static/postmessage.html
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
signin
daytopia.ng/mgghyer/binff/Charone/app/ Redirect Chain
|
7 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
signin.css
daytopia.ng/mgghyer/binff/Charone/app/lib/styles/ |
11 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.3.1.min.js
daytopia.ng/mgghyer/binff/Charone/app/lib/js/ |
85 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modernizr.min.js
js-codes.com/modernizr/2.9.0/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
cdn.livechatinc.com/ |
76 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_official.svg
daytopia.ng/mgghyer/binff/Charone/app/lib/pics/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p_small_regular.woff
daytopia.ng/mgghyer/binff/Charone/app/lib/fonts/ |
46 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p_small_light.woff
daytopia.ng/mgghyer/binff/Charone/app/lib/fonts/ |
46 KB 46 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
get_dynamic_config.js
secure.livechatinc.com/licence/12655146/v2/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
get_static_config.0.5.1.1.7.12.11.7.1.1.1.1.5.js
secure.livechatinc.com/licence/12655146/v2/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
open_chat.cgi
secure.livechatinc.com/licence/12655146/v2/ Frame 2771 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
localization.en.0.f18dd4d9fb0b965b3781bba9707f6877_062309ef0f5f43c0f99708b11af4bdb1.js
secure.livechatinc.com/licence/12655146/v2/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 2771 |
5 KB 814 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
7.4f9dfea7.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 2771 |
413 KB 132 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.55284953.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 2771 |
363 KB 104 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
fonts.gstatic.com/s/notosans/v11/ Frame 2771 |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
fonts.gstatic.com/s/notosans/v11/ Frame 2771 |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postmessage.html
accounts.livechatinc.com/static/ Frame 597B Redirect Chain
|
553 B 491 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cdn.livechatinc.com/cloud/ |
28 KB 28 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
greeting.0f8e7274.chunk.js
cdn.livechatinc.com/widget/static/js/ Frame 2771 |
20 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8bbdc73ea483e10d170237d912390eed.jpeg
cdn.livechat-files.com/api/file/lc/img/12655146/ Frame 2771 |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new_message.a37211a6.ogg
cdn.livechatinc.com/widget/static/media/ |
11 KB 11 KB |
Media
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
handwave.gif
cdn.livechat-static.com/api/file/lc/img/rich-greetings/ Frame 2771 |
364 KB 365 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: PayPal (Financial)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery object| html5 object| Modernizr object| __lc object| LiveChatWidget boolean| __lc_inited object| LC_API1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.livechatinc.com/licence/12655146 | Name: __livechat Value: lc_all_invitation%3D0%26lc_auto_invites_shown%3D%26lc_chat_number%3D0%26lc_client_version%3D%26lc_goals_achieved%3D%26lc_integration_params%3D%26lc_lang%3Den%26lc_last_chat_start_time%3D0%26lc_last_conference_id%3D%26lc_last_operator_id%3D%26lc_last_operator_key%3D%26lc_last_operator_key_per_skill%3D%26lc_last_operator_per_skill%3D%26lc_last_visit%3D1614617900%26lc_nick%3D%26lc_ok_invitation%3D0%26lc_page_view%3D0%26lc_session%3DS1614617900.3e0f177f09%26lc_visit_number%3D0%26mcid%3D%26mcid_done%3D0 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
accounts.livechatinc.com
cdn.livechat-files.com
cdn.livechat-static.com
cdn.livechatinc.com
daytopia.ng
fonts.googleapis.com
fonts.gstatic.com
js-codes.com
s.id
secure.livechatinc.com
104.126.36.192
2.16.186.163
2402:ee80:59:2::136
2606:4700:3035::ac43:c763
2a00:1450:4001:800::200a
2a00:1450:4001:810::2003
68.65.120.94
0a846a5db4a7f2049b2bea79ff98121a4ca992f243704b303e753662522a9727
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d
27f884b49f41d8caa5b249ba5646e6532d3d610255684307ab2496bd18e3fe2e
2ba83576248901fd4ffd5bdde2833366330fc3cecc0434c66042712695337a2c
3b4bca8ca5164ea187b91fb32eefb0fd7a21d8c45e77267e3abe642b628614b0
5e17eafdf865c69859bb181f3a5b6f7e31abf64657bd29b1e69f67cb9a8992e5
6195b1bce0085db8c9b1b936150dfd7b070aa9be52d44580b1b6f16752dece34
7cb6c118ec3898ea3cf8db6f9d26f49cbe1ed8475e269b78d8162307b648b1ae
820f997bafcc26f65af7ca1f3a908fab4e4b0504fdd427d4e730960efd61f402
843e67ad522a908162007f4b7601819a5bbfef00e38ac7aec778766da8b7b2ab
8917977be12790bdb2f8297624b3d2a54e3456dd359bac62f8bbd3821a50f2f4
992c9cb6774a8d6fa85792279d33b9109fef2f871fdf8e79adad3da56179a4b2
a6c3bff965978df8093c3a29f7071c21d7439a212af41e7b40ce70d94d6bcc44
a9afafd03001404329b0871e17c22112067e61c6e2c3e85a6e1389423ecf13e8
ae79dcc3eb016922caa1d095cfd936446bc65a46bb3364b242dfc556f7e3c6a8
b23c0b83a601504ebc54a84623a2ae2b7cdf7208892499597401af735b35a832
b3cc50b9e94bbecaaeb1079b64b8ca50616d1732824964c1cc2c5422627a0ec5
d368f73655941321fa294f8c0f5d63f0a6caaab3dccac499800b4e2e49358a51
d9e5cb28669da77af8cfe722f9d35d75e26a29572fb56d08919e0f039c7b4767
e56f53b3b976e9c05d86645a1e85cfc69e961601d201e957768455580fa30478
e8bc42f24f5d419227ac54220f1b81d5199b567f449dec2a921e1bd51745b78a
fba5b5b63ffa6be9e92f56f6ea6003288fae6f09c2c2009e26983215d76e98e6