urlscan.io logo urlscan.io
SecurityTrails logo

cuddly-rune-flax.glitch.me Open in urlscan Pro
3.224.12.100  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://cuddly-rune-flax.glitch.me/
Submission: On April 26 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 3.224.12.100, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is cuddly-rune-flax.glitch.me.
This is the only time cuddly-rune-flax.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

IP Address AS Autonomous System
1 3.224.12.100 14618 (AMAZON-AES)
3 3 207.241.224.2 7941 (INTERNET-...)
1 207.241.228.195 7941 (INTERNET-...)
1 207.241.228.216 7941 (INTERNET-...)
1 207.241.228.215 7941 (INTERNET-...)
4 4
1    3.224.12.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-12-100.compute-1.amazonaws.com
cuddly-rune-flax.glitch.me
3    207.241.224.2 (United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: www.archive.org
archive.org
1    207.241.228.195 (United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia802505.us.archive.org
ia802505.us.archive.org
1    207.241.228.216 (United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia902506.us.archive.org
ia902506.us.archive.org
1    207.241.228.215 (United States)

ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia902505.us.archive.org
ia902505.us.archive.org
Apex Domain
Subdomains		 Transfer
6 archive.org
archive.org — Cisco Umbrella Rank: 12321
ia802505.us.archive.org
ia902506.us.archive.org
ia902505.us.archive.org
286 KB
1 glitch.me
cuddly-rune-flax.glitch.me
8 KB
4 2
Domain Requested by
3 archive.org 3 redirects
1 ia902505.us.archive.org cuddly-rune-flax.glitch.me
1 ia902506.us.archive.org cuddly-rune-flax.glitch.me
1 ia802505.us.archive.org cuddly-rune-flax.glitch.me
1 cuddly-rune-flax.glitch.me
4 5

This site contains no links.

Subject Issuer Validity Valid

This page contains 1 frames:

Primary Page: http://cuddly-rune-flax.glitch.me/
Frame ID: 55CBC8DA53E1066F4BF89CD47DB4670F
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

WeTransfer

Page Statistics

4
Requests

0 %
HTTPS

0 %
IPv6

2
Domains

5
Subdomains

4
IPs

1
Countries

294 kB
Transfer

292 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://archive.org/download/favicon_202204/logo.png HTTP 302
  • https://ia802505.us.archive.org/27/items/favicon_202204/logo.png
Request Chain 1
  • https://archive.org/download/bg_20220403/bg.png HTTP 302
  • https://ia902506.us.archive.org/35/items/bg_20220403/bg.png
Request Chain 2
  • https://archive.org/download/favicon_202204/sub.png HTTP 302
  • https://ia902505.us.archive.org/27/items/favicon_202204/sub.png

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
cuddly-rune-flax.glitch.me/ 		8 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://cuddly-rune-flax.glitch.me/
Protocol
HTTP/1.1
Server
3.224.12.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-12-100.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
0017d19cab92ca6427fb27cf059553e1256e1278b72abfba8cdbafe1c6449bb5

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
7827
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Apr 2023 10:24:25 GMT
accept-ranges
bytes
cache-control
no-cache
etag
"4d919386085cea5f3f193c9a2eb57080"
last-modified
Wed, 26 Apr 2023 00:23:38 GMT
server
AmazonS3
x-amz-id-2
SShjrejLdK8WHSIuCMXULGrA2ukOkofcncY0x2TGrrFzxyho7eFZFTtmn45P8qXb3Hx59vGCAwoWixHqiZUEdYchpBR7CL1qWptGTB9PTUg=
x-amz-request-id
Y1DYMZN4P0T45M9H
x-amz-server-side-encryption
AES256
x-amz-version-id
HF3Y79Vx333OHNPJM9Vgpk.fsIuRpBxd
logo.png
ia802505.us.archive.org/27/items/favicon_202204/
Redirect Chain
  • https://archive.org/download/favicon_202204/logo.png
  • https://ia802505.us.archive.org/27/items/favicon_202204/logo.png
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia802505.us.archive.org/27/items/favicon_202204/logo.png
Requested by
Host: cuddly-rune-flax.glitch.me
URL: http://cuddly-rune-flax.glitch.me/
Protocol
H2
Server
207.241.228.195 , United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
ia802505.us.archive.org
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
72d11555972a6f3b75c19057d0fb0013ea2bb592b6a011e79ed87afcbd2bbfe6
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cuddly-rune-flax.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:24:27 GMT
strict-transport-security
max-age=15724800
last-modified
Sun, 03 Apr 2022 11:40:37 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"624987b5-1f47"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=21600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept-Encoding,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,DNT,Pragma,Range,X-Requested-With
content-length
8007
expires
Wed, 26 Apr 2023 16:24:27 GMT

Redirect headers

date
Wed, 26 Apr 2023 10:24:26 GMT
strict-transport-security
max-age=15724800
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
location
https://ia802505.us.archive.org/27/items/favicon_202204/logo.png
access-control-allow-origin
*
accept-ranges
bytes
bg.png
ia902506.us.archive.org/35/items/bg_20220403/
Redirect Chain
  • https://archive.org/download/bg_20220403/bg.png
  • https://ia902506.us.archive.org/35/items/bg_20220403/bg.png
247 KB
247 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia902506.us.archive.org/35/items/bg_20220403/bg.png
Requested by
Host: cuddly-rune-flax.glitch.me
URL: http://cuddly-rune-flax.glitch.me/
Protocol
H2
Server
207.241.228.216 , United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
ia902506.us.archive.org
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
0f87d89d71f89ec01e907d372c2adb506a1b99bead90dbb88cde0df013bbab5f
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cuddly-rune-flax.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:24:26 GMT
strict-transport-security
max-age=15724800
last-modified
Sun, 03 Apr 2022 11:37:41 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"62498705-3daa3"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=21600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept-Encoding,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,DNT,Pragma,Range,X-Requested-With
content-length
252579
expires
Wed, 26 Apr 2023 16:24:26 GMT

Redirect headers

date
Wed, 26 Apr 2023 10:24:26 GMT
strict-transport-security
max-age=15724800
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
location
https://ia902506.us.archive.org/35/items/bg_20220403/bg.png
access-control-allow-origin
*
accept-ranges
bytes
sub.png
ia902505.us.archive.org/27/items/favicon_202204/
Redirect Chain
  • https://archive.org/download/favicon_202204/sub.png
  • https://ia902505.us.archive.org/27/items/favicon_202204/sub.png
30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ia902505.us.archive.org/27/items/favicon_202204/sub.png
Requested by
Host: cuddly-rune-flax.glitch.me
URL: http://cuddly-rune-flax.glitch.me/
Protocol
H2
Server
207.241.228.215 , United States, ASN7941 (INTERNET-ARCHIVE, US),
Reverse DNS
ia902505.us.archive.org
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f41a60b7606cd02e88741502f17c6bd48cfb084c9c01dc3d9cf4a1cc743e6bd9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://cuddly-rune-flax.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 10:24:26 GMT
strict-transport-security
max-age=15724800
last-modified
Sun, 03 Apr 2022 11:41:00 GMT
server
nginx/1.18.0 (Ubuntu)
etag
"624987cc-775c"
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=21600
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
Accept-Encoding,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,DNT,Pragma,Range,X-Requested-With
content-length
30556
expires
Wed, 26 Apr 2023 16:24:26 GMT

Redirect headers

date
Wed, 26 Apr 2023 10:24:26 GMT
strict-transport-security
max-age=15724800
referrer-policy
no-referrer-when-downgrade
server
nginx/1.18.0 (Ubuntu)
content-type
text/html; charset=UTF-8
location
https://ia902505.us.archive.org/27/items/favicon_202204/sub.png
access-control-allow-origin
*
accept-ranges
bytes

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless string| h object| a object| j function| m object| k number| g number| f string| c function| b function| n function| myFunction function| login string| hash function| suc

0 Cookies