3 Replies Latest reply: Feb 12, 2013 4:11 AM by livechat
nieldm Level 1 (0 points)

I just installed a Debookee trial on my MacBook Pro (ML 10.8.2) and notice massive amounts of traffic between my MB and livechatinc.com. For example:


14:29:43http://secure.livechatinc.com/licence/1723821/tunnel_callback.cgi?gzdbpJjsYaqxlG r0wNoT&callback=_jqjsp&command=IWCS0116C%5ES1357829356.ae463eb01a%5E1723821%5E0% 5E&_1360074583940=GET
14:29:48http://secure.livechatinc.com/licence/1723821/tunnel_callback.cgi?EzidSRwcSuOItJ 5mUNmL&callback=_jqjsp&command=IWCS0116C%5ES1357829356.ae463eb01a%5E1723821%5E0% 5E&_1360074588932=GET
14:29:53http://secure.livechatinc.com/licence/1723821/tunnel_callback.cgi?raAhrr7vBwfg4h qtbQe6&callback=_jqjsp&command=IWCS0116C%5ES1357829356.ae463eb01a%5E1723821%5E0% 5E&_1360074593938=GET
14:29:58http://secure.livechatinc.com/licence/1723821/tunnel_callback.cgi?ZSAocYKLpivk37 Vseqfi&callback=_jqjsp&command=IWCS0116C%5ES1357829356.ae463eb01a%5E1723821%5E0% 5E&_1360074598937=GET
14:30:03http://secure.livechatinc.com/licence/1723821/tunnel_callback.cgi?Rq7uU6XCufeM7p vnJgUa&callback=_jqjsp&command=IWCS0116C%5ES1357829356.ae463eb01a%5E1723821%5E0% 5E&_1360074603936=GET
14:30:08http://secure.livechatinc.com/licence/1723821/tunnel_callback.cgi?N10jPW0gQotIcu pfnFo1&callback=_jqjsp&command=IWCS0116C%5ES1357829356.ae463eb01a%5E1723821%5E0% 5E&_1360074608936=GET




14:31:39http://www.livechatinc.com/wp-content/themes/livechat/images/download/mac/mac_lo go_text.pngGET
14:31:39http://www.livechatinc.com/wp-content/themes/livechat/images/download/mac/mac_os _content.pngGET
14:31:39http://www.livechatinc.com/wp-content/themes/livechat/images/download/mac/featur e_canned_response.pngGET
14:31:39http://www.livechatinc.com/wp-content/themes/livechat/images/download/mac/featur e_sneak_peek.pngGET
14:31:39http://www.livechatinc.com/wp-content/themes/livechat/images/download/mac/featur e_multitasking.pngGET


Can anyone let me know what is going on here? It certainly doesn't look right to me. Have I inadvertently installed some malware or is some software communicating with their servers? Spotify, Evernote or Dropbox maybe?


Thoughts anyone?





I have never heard of livechatinc (although I see what they do from their website) and don't use chat software.

Mac mini, OS X Mountain Lion (10.8)
  • funkyfonk Level 1 (20 points)

    Hi nieldm,


    Nathan, one of Debookee's developper, here.


    What is possible is that you've got a web page launched which has chat features. LiveChatInc seems to be used by major companies (although it has recently and silently been breached, see: http://seclists.org/fulldisclosure/2012/Oct/191), and can be included in web pages of other websites.


    To test it, close all your browsers and see if still any traffic.

    If yes, then it comes from an installed 'soft', if not, then go step by step opening websites and you'll identify it easily.


    Make me think that it could be a nice feature in Debookee to see from which application the network traffic is originating: Browsers / applications / Mac OS internals ...


    Good luck,


  • nieldm Level 1 (0 points)

    Thanks Nathan, I appreciate you responding. You are correct, that is exactly what it was and the "problem" is resolved.


    I have to say Debookee is a very promising application indeed, a sort of "Wireshark for non-techheads"! I use LanScan as my goto Network scanner and am now seriously considering buying Debookee to replace it.


    It would help were it a few $$ cheaper!


    Thanks again


  • livechat Level 1 (0 points)

    These logs confirm you are on the website that has LiveChat (http://livechatinc.com) installed on it. It means visitors on the website are given the ability to chat with customer service reps on the website. Sometimes you might be also displayed a chat invitation, offered a chat with the rep.

    These logs are simply pings checking if you are still on the website and if you can be offered chat.


    LiveChat as a service has not been breached - information that has been provided under the link above is not correct. We've tried reaching out to the owner of the website and ask him about the source of this wrong information that he posted and he never responded. Again, information about LiveChat service being breached is not true.


    Best regards,

    Szymon Klimczak