we-trans-exultant-clubs.glitch.me Open in urlscan Pro
35.170.12.36 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://we-trans-exultant-clubs.glitch.me/?email=*@
Submission: On April 22 via api (April 22nd 2024, 3:43:37 pm UTC) from US — Scanned from DE

Summary HTTP 21 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 1 countries across 4 domains to perform 21 HTTP transactions. The main IP is 35.170.12.36, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is we-trans-exultant-clubs.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time we-trans-exultant-clubs.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

	IP Address	AS Autonomous System
19	35.170.12.36 35.170.12.36	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2606:4700:10:... 2606:4700:10::6816:e8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
21	3

19 35.170.12.36 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-170-12-36.compute-1.amazonaws.com

we-trans-exultant-clubs.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
florentine-brave-principle.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:e8 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cutt.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	glitch.me we-trans-exultant-clubs.glitch.me florentine-brave-principle.glitch.me	706 KB
1	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 210945	2 MB
1	cutt.ly 1 redirects cutt.ly — Cisco Umbrella Rank: 54972	411 B
0	Failed function sub() { [native code] }. Failed
21	4

	Domain	Requested by
18	we-trans-exultant-clubs.glitch.me	we-trans-exultant-clubs.glitch.me
1	cdn.glitch.global	we-trans-exultant-clubs.glitch.me
1	florentine-brave-principle.glitch.me	we-trans-exultant-clubs.glitch.me
1	cutt.ly	1 redirects
0	invalid Failed	we-trans-exultant-clubs.glitch.me
21	5

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
cdn.glitch.global R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://we-trans-exultant-clubs.glitch.me/?email=*@
Frame ID: 88AA4711067B3F59231D44CE5550811C
Requests: 9 HTTP requests in this frame

Frame: https://we-trans-exultant-clubs.glitch.me/1.html
Frame ID: F043D2BE263EAF4E1554DBCBD7952B18
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

21
Requests

90 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

2526 kB
Transfer

2688 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://cutt.ly/AwfGdyLa HTTP 301
https://florentine-brave-principle.glitch.me/kjlmk.css

21 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
we-trans-exultant-clubs.glitch.me/ 123 KB
123 KB 625ms
369ms Document
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 051c0d02072e5d5c8ff44fd388ab34996f91bf078d96779a46732a5fc0168489

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 125730
content-type: text/html; charset=utf-8
date: Mon, 22 Apr 2024 15:43:30 GMT
etag: "d60dd41c46206245dbb11480c5bdf6b2"
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-id-2: DSbOUr3u2MnHuvljuxvuHLQ+imWn6WCjt9QARcI8NJJoC/3DQ5pB9miosEeU7Pam5Wvaq2oLjTL1LLhj+rJQX5Gu7qiobTN42u/Tk8CCN8M=
x-amz-request-id: YGKE4Q5D58W8HVD7
x-amz-server-side-encryption: AES256
x-amz-version-id: pNWe_NBBgsLnCF1JTjBcvSJ05VlOv_Ag

GET
H2 200 1.js Show response
we-trans-exultant-clubs.glitch.me/ 87 KB
88 KB 237ms
236ms Script
application/javascript 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/1.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:30 GMT
x-amz-version-id: T4juu.bL86TPFnrZkjXjGelF8QPhnatg
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-request-id: YGK1AXA2F66W0RNR
etag: "b6f7093369a0e8b83703914ce731b13c"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 89496
x-amz-id-2: 1YUqJjhlpC3xic/yQvEcxG1jeBqZDuiFnsQKLFmOHcDWI60QPVfq01oGDNogAvlVinK6kqLP1s0=

GET
H2 404 analytics.js.download
we-trans-exultant-clubs.glitch.me/ 0
0 235ms
235ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/analytics.js.download
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:30 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 bWqOLA69nu2fsMi45LjA.js.download
we-trans-exultant-clubs.glitch.me/ 0
0 221ms
220ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/bWqOLA69nu2fsMi45LjA.js.download
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:30 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 gtm.js.download
we-trans-exultant-clubs.glitch.me/ 0
0 220ms
220ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/gtm.js.download
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:30 GMT
cache-control: max-age=0
content-length: 3674

GET /
invalid/ 0
0

GET
H2

200

kjlmk.css
florentine-brave-principle.glitch.me/
Redirect Chain

https://cutt.ly/AwfGdyLa
https://florentine-brave-principle.glitch.me/kjlmk.css

391 KB
392 KB

308ms
297ms

Stylesheet
text/css

35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://florentine-brave-principle.glitch.me/kjlmk.css
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Mon, 22 Apr 2024 15:43:30 GMT
x-amz-version-id: 0wiCZMX7bst_JIyXIchPNKoPB0U63pYx
last-modified: Fri, 11 Aug 2023 10:29:48 GMT
server: AmazonS3
x-amz-request-id: YGK1TZ65BQPEGQFV
etag: "74acefad72f0016dcfb1e747dff5a9a7"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 400623
x-amz-id-2: Gcpv3rnK4CDxO62Cfjxy8/jAGqj4/t2EsFOu2OQ3rlsQ5t/yCD5YNZHeNYOxxJN3VybX9nrUTSM=

Redirect headers

pragma: no-cache
date: Mon, 22 Apr 2024 15:43:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
referrer-policy: same-origin
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://florentine-brave-principle.glitch.me/kjlmk.css
cache-control: no-cache, no-store, must-revalidate
cf-ray: 8786bad7fad419ad-FRA
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 2.js Show response
we-trans-exultant-clubs.glitch.me/ 76 KB
76 KB 250ms
250ms Script
application/javascript 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/2.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:30 GMT
x-amz-version-id: ip7Xwq_AivmcBjIttoXjSi_y.xQcouQg
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-request-id: YGKE0GYVC3WS3JX6
etag: "46d5d43b6f75fd3fe4c0d0db009ed5dd"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 77445
x-amz-id-2: kvQjT/EEWdeJNCLk6q77pIZ3evMKGNyvjRv6bCvk4MFDYpU1LZxBuBbPu0ohREVPI9XY6cROYeE=

GET
H2 200 1.html Show response
we-trans-exultant-clubs.glitch.me/ Frame F043 13 KB
13 KB 177ms
176ms Document
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/1.html
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/?email=*@
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: f82c8e6eea3d4e135de0c1c2baf9372662c4b5135cf645472da3b0f1cb9a6eb8

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 13058
content-type: text/html; charset=utf-8
date: Mon, 22 Apr 2024 15:43:31 GMT
etag: "8948560bf66aaff455d46670e36e2640"
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-id-2: DieqIBqb8TVAColauaynw/HnTI2eQHumjEJmxpbNER+R5uja87AqaArXBPYmZQjenNfv+SAU7Sg=
x-amz-request-id: J0FHFM5PAA8F9T15
x-amz-server-side-encryption: AES256
x-amz-version-id: 4Su8pYmTdJuwQ7HirXIYNEwRzyv8dbII

GET
H2 200 1.js Show response
we-trans-exultant-clubs.glitch.me/ Frame F043 87 KB
284 B 166ms
163ms Script
application/javascript 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/1.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
x-amz-version-id: T4juu.bL86TPFnrZkjXjGelF8QPhnatg
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-request-id: J0FYJWG1DV7ESD55
etag: "b6f7093369a0e8b83703914ce731b13c"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 89496
x-amz-id-2: la78qdArqz4VR7MMfomcxJOCIF1U5Y5xtbWxAXXA5Xm2s/U+dv3lT26UM6CF4A8xipfc3VA6bBgnIQVjbSpJEA==

GET
H2 200 wallpaper-toolbox-2.css
we-trans-exultant-clubs.glitch.me/ Frame F043 5 KB
5 KB 220ms
216ms Stylesheet
text/css 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/wallpaper-toolbox-2.css
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2c5968a107e4fdbb9a3ae3d67c10780c8a644e8d4d1e73dacc32ec78b5712038

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
x-amz-version-id: EDriQ_VbAfscQoiOPSFtJazWuMJadzoh
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-request-id: J0FXE6T4WY39RR8X
etag: "b90314c49e899fb3edec053f6429c324"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 5164
x-amz-id-2: 3gcM+9m0+tyXHL2bGs29BGc4lU0v5ByKt/nOXcs70S7yYDYCDv+OBNNMCHEtsZOkt2ungsDMNGY=

GET
H2 200 2.js Show response
we-trans-exultant-clubs.glitch.me/ Frame F043 76 KB
299 B 166ms
164ms Script
application/javascript 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/2.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
x-amz-version-id: ip7Xwq_AivmcBjIttoXjSi_y.xQcouQg
last-modified: Fri, 05 Apr 2024 13:01:02 GMT
server: AmazonS3
x-amz-request-id: J0FQX286T1PH3PTY
etag: "46d5d43b6f75fd3fe4c0d0db009ed5dd"
x-amz-server-side-encryption: AES256
content-type: application/javascript; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 77445
x-amz-id-2: gMhOGq7fCxxR6APLiMCTacRtI7yxI23OBczEVlPXAswDPlvHII7mgMxidwJT9LttW8ejfFCvAWu+6KhU9D6aVnLrPQR/fcb4+/LWYxxilVk=

GET
H2 404 dom4.js
we-trans-exultant-clubs.glitch.me/ Frame F043 0
0 155ms
152ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/dom4.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 anime.js
we-trans-exultant-clubs.glitch.me/ Frame F043 0
0 146ms
144ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/anime.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 wallpaper-api-2.js
we-trans-exultant-clubs.glitch.me/ Frame F043 0
0 148ms
146ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/wallpaper-api-2.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 wallpaper-toolbox-2.js
we-trans-exultant-clubs.glitch.me/ Frame F043 0
0 151ms
149ms Script
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/wallpaper-toolbox-2.js
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
DATA 200
OK truncated
/ Frame F043 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb03f92c07b692ce08005daa5f69a374b6bc2f65e0f5bde64aa1e18499b6e8f9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 404 next-button.png
we-trans-exultant-clubs.glitch.me/assets/images/ Frame F043 4 KB
4 KB 150ms
149ms Image
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://we-trans-exultant-clubs.glitch.me/assets/images/next-button.png
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash: 2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 DINNextW1G-Bold.woff
we-trans-exultant-clubs.glitch.me/assets/fonts/ Frame F043 0
0 152ms
151ms Font
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/assets/fonts/DINNextW1G-Bold.woff
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Origin: https://we-trans-exultant-clubs.glitch.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 404 DINNextW1G-Regular.woff
we-trans-exultant-clubs.glitch.me/assets/fonts/ Frame F043 0
0 155ms
154ms Font
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/assets/fonts/DINNextW1G-Regular.woff
Requested by: Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/1.html
Origin: https://we-trans-exultant-clubs.glitch.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:31 GMT
cache-control: max-age=0
content-length: 3674

GET
H2 206 video-04.mp4
cdn.glitch.global/9ed4c623-bd1b-4310-adb3-cf24b8807ba1/ Frame F043 2 MB
2 MB 85ms
22ms Media
video/mp4 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.global/9ed4c623-bd1b-4310-adb3-cf24b8807ba1/video-04.mp4?v=1673277070960

Requested by

Host: we-trans-exultant-clubs.glitch.me
URL: https://we-trans-exultant-clubs.glitch.me/1.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

55698987600e1a53ecc16853bb344c4a374db9f1e824ecd43e95a6f544de9595

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Referer: https://we-trans-exultant-clubs.glitch.me/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Mon, 22 Apr 2024 15:43:31 GMT
x-amz-request-id: J6ASQXD1HGB0SETN
age: 209710
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
Content-Range: bytes 0-1862641/1862642
Content-Length: 1862642
x-amz-id-2: NLc6b4O23qw5vSVFUdL+azlveoR1pVdN0CIhnFjrfnvjY15c22v8ldiQhfynHxtwPtdmuygLaF4=
x-served-by: cache-iad-kjyo7100122-IAD, cache-fra-etou8220032-FRA
last-modified: Mon, 09 Jan 2023 15:11:00 GMT
server: AmazonS3
x-timer: S1713800612.838909,VS0,VE1
etag: "6fd59cf63aa3165809a31a4e64187c8a"
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 2, 0

GET
H2 404 favicon.ico
we-trans-exultant-clubs.glitch.me/ 4 KB
4 KB 160ms
160ms Other
text/html 35.170.12.36
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://we-trans-exultant-clubs.glitch.me/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.12.36 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-170-12-36.compute-1.amazonaws.com
Software: /
Resource Hash: 2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://we-trans-exultant-clubs.glitch.me/?email=*@
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 22 Apr 2024 15:43:32 GMT
cache-control: max-age=0
content-length: 3674

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: invalid
URL: chrome-extension://invalid/

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

13 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: chrome-extension://invalid/ Message: Failed to load resource: net::ERR_BLOCKED_BY_CLIENT
network	error	URL: https://we-trans-exultant-clubs.glitch.me/analytics.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/gtm.js.download Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/bWqOLA69nu2fsMi45LjA.js.download Message: Failed to load resource: the server responded with a status of 404 ()
recommendation	verbose	URL: https://we-trans-exultant-clubs.glitch.me/?email=@ Message*: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://we-trans-exultant-clubs.glitch.me/anime.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/wallpaper-api-2.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/wallpaper-toolbox-2.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/dom4.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/assets/images/next-button.png Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/assets/fonts/DINNextW1G-Bold.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/assets/fonts/DINNextW1G-Regular.woff Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://we-trans-exultant-clubs.glitch.me/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.glitch.global
cutt.ly
florentine-brave-principle.glitch.me
invalid
we-trans-exultant-clubs.glitch.me
invalid
151.101.130.132
2606:4700:10::6816:e8
35.170.12.36
051c0d02072e5d5c8ff44fd388ab34996f91bf078d96779a46732a5fc0168489
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c
2c5968a107e4fdbb9a3ae3d67c10780c8a644e8d4d1e73dacc32ec78b5712038
55698987600e1a53ecc16853bb344c4a374db9f1e824ecd43e95a6f544de9595
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39
7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734
cb03f92c07b692ce08005daa5f69a374b6bc2f65e0f5bde64aa1e18499b6e8f9
f82c8e6eea3d4e135de0c1c2baf9372662c4b5135cf645472da3b0f1cb9a6eb8

we-trans-exultant-clubs.glitch.me Open in urlscan Pro 35.170.12.36 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

21 Requests

90 %HTTPS

33 %IPv6

4 Domains

5 Subdomains

3 IPs

1 Countries

2526 kBTransfer

2688 kBSize

0 Cookies

0 Outgoing links

Redirected requests

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

33 JavaScript Global Variables

0 Cookies

13 Console Messages

Indicators

we-trans-exultant-clubs.glitch.me Open in urlscan Pro
35.170.12.36 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

21
Requests

90 %
HTTPS

33 %
IPv6

4
Domains

5
Subdomains

3
IPs

1
Countries

2526 kB
Transfer

2688 kB
Size

0
Cookies

21 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!