zesty-continuous-spectacles.glitch.me
34.192.63.42
Malicious Activity!
Public Scan
Submission: On July 16 via manual from ES
Summary
TLS certificate: Issued by Amazon on January 18th 2021. Valid for: a year.
This is the only time zesty-continuous-spectacles.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)

Domain & IP information
| Requests | IP Address | AS Autonomous System |
|---|---|---|
| 3 | 34.192.63.42 | 14618 (AMAZON-AES) |
| 1 | 2a02:26f0:6c00:2a7::35c1 | 20940 (AKAMAI-ASN1) |
| 1 | 2001:4de0:ac18::1:a:3a | 20446 (HIGHWINDS3) |
| 1 | 145.239.131.55 | 16276 (OVH) |
| 1 1 | 2606:4700:3037::6815:bdb | 13335 (CLOUDFLARENET) |
| 1 2 | 192.229.233.123 | 15133 (EDGECAST) |
| 1 | 13.224.96.12 | 16509 (AMAZON-02) |
| 8 | 6 | |
ASN14618 (AMAZON-AES, US)
- PTR: ec2-34-192-63-42.compute-1.amazonaws.com
- zesty-continuous-spectacles.glitch.me

ASN20940 (AKAMAI-ASN1, NL)
- secure.aadcdn.microsoftonline-p.com

ASN16509 (AMAZON-02, US)
- PTR: server-13-224-96-12.zrh50.r.cloudfront.net
- cdn.glitch.com
| Requests | Apex Domain | Subdomains | Transfer |
|---|---|---|---|
| 3 | glitch.me | zesty-continuous-spectacles.glitch.me | 201 KB |
| 2 | typenetwork.com (1 redirect) | cloud.typenetwork.com | 1 KB |
| 1 | glitch.com | cdn.glitch.com | 167 KB |
| 1 | webtype.com (1 redirect) | cloud.webtype.com | 647 B |
| 1 | ibb.co | i.ibb.co | 23 KB |
| 1 | jquery.com | code.jquery.com | 30 KB |
| 1 | microsoftonline-p.com | secure.aadcdn.microsoftonline-p.com | 2 KB |
| 8 | 7 | | |
| Requests | Domain | Requested by |
|---|---|---|
| 3 | zesty-continuous-spectacles.glitch.me | zesty-continuous-spectacles.glitch.me |
| 2 | cloud.typenetwork.com (1 redirect) | zesty-continuous-spectacles.glitch.me |
| 1 | cdn.glitch.com | zesty-continuous-spectacles.glitch.me |
| 1 | cloud.webtype.com | 1 redirect |
| 1 | i.ibb.co | zesty-continuous-spectacles.glitch.me |
| 1 | code.jquery.com | zesty-continuous-spectacles.glitch.me |
| 1 | secure.aadcdn.microsoftonline-p.com | zesty-continuous-spectacles.glitch.me |
| 8 | 7 | |
This site contains links to these domains:

| Domain |
|---|
| login.microsoftonline.com |
| login.live.com |
| Subject | Issuer | Validity | Valid |
|---|---|---|---|
| glitch.com | Amazon | 2021-01-18 - 2022-02-15 | a year |
| secure.aadcdn.microsoftonline-p.com | Microsoft RSA TLS CA 01 | 2020-12-22 - 2021-12-22 | a year |
| *.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2021-07-14 - 2022-08-14 | a year |
| ibb.co | R3 | 2021-06-07 - 2021-09-05 | 3 months |
| *.typenetwork.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-06-24 - 2022-06-29 | a year |

Each certificate can be looked up in the crt.sh Certificate Transparency index.
This page contains 2 frames:

- Primary Page: https://zesty-continuous-spectacles.glitch.me/PAYMENT-COPY.html (Frame ID: 814C6896623285FFA4074C8292FD7A78; 5 HTTP requests in this frame)
- Frame: https://zesty-continuous-spectacles.glitch.me/Sign%20in%20to%20your%20account_files/prefetch(1).html (Frame ID: 53E9FEF10DD20F37E67031DEF8576530; 3 HTTP requests in this frame)
Detected technologies

- Amazon Web Services (PaaS). Detected pattern: headers server /^AmazonS3$/i
- Amazon S3 (Miscellaneous). Detected pattern: headers server /^AmazonS3$/i
Page Statistics

2 Outgoing links (links going to different origins than the main page):

- Title: Can’t access your account?
- Title: Create one!
Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5:
- https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css (HTTP 301)
- https://cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css (HTTP 301)
- https://cloud.typenetwork.com/projects/5027/fontface.css/
8 HTTP transactions

| Method | Protocol | Resource path | Size | x-fer | Type | MIME type | Notes |
|---|---|---|---|---|---|---|---|
| GET | H2 | zesty-continuous-spectacles.glitch.me/PAYMENT-COPY.html | 194 KB | 194 KB | Document | text/html | Primary request |
| GET | H/1.1 | secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg | 4 KB | 2 KB | Image | image/svg+xml | |
| GET | H2 | code.jquery.com/jquery-3.3.1.min.js | 85 KB | 30 KB | Script | application/javascript | |
| GET | H2 | zesty-continuous-spectacles.glitch.me/Sign%20in%20to%20your%20account_files/prefetch(1).html | 4 KB | 4 KB | Document | text/html | Frame 53E9 |
| GET | H2 | i.ibb.co/N7QNNFh/9022.jpg | 22 KB | 23 KB | Image | image/jpeg | |
| GET | H2 | zesty-continuous-spectacles.glitch.me/background.jpg | 4 KB | 4 KB | Image | text/html | Served as text/html, not an image type |
| GET | H2 | cloud.typenetwork.com/projects/5027/fontface.css/ | 2 KB | 917 B | Stylesheet | text/css | Frame 53E9; redirect chain |
| GET | H/1.1 | cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png | 166 KB | 167 KB | Image | image/png | Frame 53E9 |

Two details in this list are worth noting when triaging. The Microsoft logo is fetched from Microsoft's own Azure AD CDN (secure.aadcdn.microsoftonline-p.com) by a page hosted on glitch.me, and background.jpg on the primary host is returned as text/html rather than an image MIME type, which usually means the referenced file is missing and the host answered with an error or placeholder page.
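The verdict below rests on facts that are visible in the transaction list above: the primary document lives on glitch.me, it pulls the Microsoft logo from secure.aadcdn.microsoftonline-p.com, it links out to login.microsoftonline.com and login.live.com, and one image-named resource (background.jpg) is served as text/html. The following Python script is an added example, not part of this scan page and not urlscan's own detection logic; it replays those observations as automated triage checks over the report's request list, so the same reasoning can be run against other scans. The brand, login-host and free-hosting reference lists and the two-label apex heuristic are assumptions made for the example, as is the sample input, which is constructed from the table above.

```python
"""Triage heuristics over the request list of a urlscan-style report.

Added example, not part of the scan page or of urlscan's own detection logic.
It replays the page's data (transactions, outgoing link hosts) through a few
brand-impersonation checks and returns the findings.
"""
from dataclasses import dataclass
from urllib.parse import urlparse


@dataclass(frozen=True)
class Transaction:
    url: str   # full request URL as listed in the report
    mime: str  # response MIME type as listed in the report


# Reference data. Assumption: these small lists are illustrative for this scan,
# not urlscan's brand database. A real tool would load a maintained list.
BRAND_APEXES = {
    "microsoft": {"microsoft.com", "microsoftonline.com", "microsoftonline-p.com", "live.com"},
}
BRAND_ASSET_HOSTS = {
    "microsoft": {"secure.aadcdn.microsoftonline-p.com"},
}
BRAND_LOGIN_HOSTS = {
    "microsoft": {"login.microsoftonline.com", "login.live.com"},
}
# Free hosting apexes frequently abused for throwaway phishing pages (assumption).
FREE_HOSTING_APEXES = {"glitch.me"}
IMAGE_EXTENSIONS = (".jpg", ".jpeg", ".png", ".gif", ".svg", ".webp")

# Constructed input: the 8 transactions and 2 outgoing link hosts from the report above.
SCAN_TRANSACTIONS = [
    Transaction("https://zesty-continuous-spectacles.glitch.me/PAYMENT-COPY.html", "text/html"),
    Transaction("https://secure.aadcdn.microsoftonline-p.com/ests/2.1.8148.16/content/images/microsoft_logo.svg", "image/svg+xml"),
    Transaction("https://code.jquery.com/jquery-3.3.1.min.js", "application/javascript"),
    Transaction("https://zesty-continuous-spectacles.glitch.me/Sign%20in%20to%20your%20account_files/prefetch(1).html", "text/html"),
    Transaction("https://i.ibb.co/N7QNNFh/9022.jpg", "image/jpeg"),
    Transaction("https://zesty-continuous-spectacles.glitch.me/background.jpg", "text/html"),
    Transaction("https://cloud.typenetwork.com/projects/5027/fontface.css/", "text/css"),
    Transaction("https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png", "image/png"),
]
SCAN_OUTGOING_LINK_HOSTS = ["login.microsoftonline.com", "login.live.com"]


def apex(host: str) -> str:
    """Last two labels of a hostname. Assumption: good enough for the hosts in
    this scan; production code should consult the Public Suffix List."""
    return ".".join(host.lower().rsplit(".", 2)[-2:])


def host_of(url: str) -> str:
    return (urlparse(url).hostname or "").lower()


def triage(transactions, outgoing_link_hosts):
    """Return the impersonation signals found in one scan's request list."""
    primary_apex = apex(host_of(transactions[0].url))

    # 1. The page sits outside a brand's domains but loads that brand's own
    #    CDN assets (here: the Microsoft logo from the Azure AD CDN).
    brands = set()
    for t in transactions[1:]:
        for brand, hosts in BRAND_ASSET_HOSTS.items():
            if host_of(t.url) in hosts and primary_apex not in BRAND_APEXES[brand]:
                brands.add(brand)

    # 2. An off-brand page links out to the brand's real login hosts, which
    #    makes "Can't access your account?" style links look genuine.
    offsite_login_links = sorted(
        h for h in outgoing_link_hosts
        for brand, hosts in BRAND_LOGIN_HOSTS.items()
        if h in hosts and primary_apex not in BRAND_APEXES[brand]
    )

    # 3. An image-named resource answered with a non-image MIME type. In the
    #    report above, background.jpg came back as text/html.
    mime_mismatches = [
        t.url for t in transactions
        if urlparse(t.url).path.lower().endswith(IMAGE_EXTENSIONS)
        and not t.mime.lower().startswith("image/")
    ]

    # 4. Primary page hosted on a free app/web hosting apex.
    free_hosting = primary_apex if primary_apex in FREE_HOSTING_APEXES else None

    signals = sum(1 for v in (brands, offsite_login_links, mime_mismatches, free_hosting) if v)
    verdict = "no signal" if signals == 0 else "suspicious" if signals == 1 else "potentially malicious"
    return {
        "brands": brands,
        "offsite_login_links": offsite_login_links,
        "mime_mismatches": mime_mismatches,
        "free_hosting": free_hosting,
        "verdict": verdict,
    }


if __name__ == "__main__":
    for key, value in triage(SCAN_TRANSACTIONS, SCAN_OUTGOING_LINK_HOSTS).items():
        print(f"{key}: {value}")
```

Run against the constructed input, all four checks fire and the verdict is "potentially malicious"; run against a page whose primary document is on one of the brand's own apexes, the brand-asset and login-link checks stay silent, which is the distinction that keeps a legitimate Microsoft sign-in page from being flagged by the same rules.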
Verdicts & Comments

Potentially malicious activity detected

Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan: Phishing against: Microsoft (Consumer)

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. They can help identify the client-side frameworks and custom code a page runs.

| Type | Name |
|---|---|
| object | 0 |
| object | onbeforexrselect |
| object | ontransitionrun |
| object | ontransitionstart |
| object | ontransitioncancel |
| object | cookieStore |
| function | showDirectoryPicker |
| function | showOpenFilePicker |
| function | showSaveFilePicker |
| boolean | originAgentCluster |
| object | trustedTypes |
| boolean | crossOriginIsolated |
| function | $ |
| function | jQuery |
| string | ai |
| undefined | my_ai |
| undefined | ind |
| undefined | my_slice |
| undefined | c |
| undefined | final |
| function | goNext |
| function | closeBox |
| function | checkSubmit |
| function | isEmail |
| function | iserror |

0 Cookies

Cookies are small pieces of information stored in the user's browser. On each later visit, the browser sends the cookie values back, which lets the website re-identify the user even from a different location. This is how persistent logins work.
Indicators

In the security industry, "indicators" are artifacts such as IPs, domains and hashes observed during a scan. Their presence here does not imply that any of them indicate malicious activity.
cdn.glitch.com
cloud.typenetwork.com
cloud.webtype.com
code.jquery.com
i.ibb.co
secure.aadcdn.microsoftonline-p.com
zesty-continuous-spectacles.glitch.me
13.224.96.12
145.239.131.55
192.229.233.123
2001:4de0:ac18::1:a:3a
2606:4700:3037::6815:bdb
2a02:26f0:6c00:2a7::35c1
34.192.63.42
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158
44c7b0d2968cd8af2ceea4b8af505ccf7704e5b449c2a43e0b4de7c21661c935
5d1f9eac141b63c19a274eb9c099d629a0c4f747c8683dee8b93191b4ce0c1fd
8e25730367880105125989bc08b6a049e1f6d93e4d431e2bb69acf253c5c51e1
dd872325587bc13f16ff5aac1d8ea6f7f3de4ce88b25509cf4219d889455aa07