cuddly-rune-flax.glitch.me
3.224.12.100
Malicious Activity!
Public Scan
Submission: On April 26 via manual from IN — Scanned from DE
Summary
This is the only time cuddly-rune-flax.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)
Domain & IP information
| IP Address | AS Autonomous System |
---|---|---|
1 | 3.224.12.100 | 14618 (AMAZON-AES) |
3 3 | 207.241.224.2 | 7941 (INTERNET-ARCHIVE) |
1 | 207.241.228.195 | 7941 (INTERNET-ARCHIVE) |
1 | 207.241.228.216 | 7941 (INTERNET-ARCHIVE) |
1 | 207.241.228.215 | 7941 (INTERNET-ARCHIVE) |
4 | 4 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-12-100.compute-1.amazonaws.com
cuddly-rune-flax.glitch.me |
ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia802505.us.archive.org
ia802505.us.archive.org |
ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia902506.us.archive.org
ia902506.us.archive.org |
ASN7941 (INTERNET-ARCHIVE, US)
PTR: ia902505.us.archive.org
ia902505.us.archive.org |
| Apex Domain / Subdomains | Transfer |
---|---|---|
6 | archive.org (3 redirects) — Cisco Umbrella Rank: 12321; subdomains: ia802505.us.archive.org, ia902506.us.archive.org, ia902505.us.archive.org | 286 KB |
1 | glitch.me; subdomains: cuddly-rune-flax.glitch.me | 8 KB |
4 | 2 |
| Domain | Requested by |
---|---|---|
3 | archive.org | 3 redirects |
1 | ia902505.us.archive.org | cuddly-rune-flax.glitch.me |
1 | ia902506.us.archive.org | cuddly-rune-flax.glitch.me |
1 | ia802505.us.archive.org | cuddly-rune-flax.glitch.me |
1 | cuddly-rune-flax.glitch.me | |
4 | 5 |
This site contains no links.
This page contains 1 frames:
Primary Page:
http://cuddly-rune-flax.glitch.me/
Frame ID: 55CBC8DA53E1066F4BF89CD47DB4670F
Requests: 4 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://archive.org/download/favicon_202204/logo.png HTTP 302
- https://ia802505.us.archive.org/27/items/favicon_202204/logo.png
- https://archive.org/download/bg_20220403/bg.png HTTP 302
- https://ia902506.us.archive.org/35/items/bg_20220403/bg.png
- https://archive.org/download/favicon_202204/sub.png HTTP 302
- https://ia902505.us.archive.org/27/items/favicon_202204/sub.png
4 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | / cuddly-rune-flax.glitch.me/ (Primary Request) | 8 KB 8 KB | Document text/html |
GET H2 | logo.png ia802505.us.archive.org/27/items/favicon_202204/ (Redirect Chain) | 8 KB 8 KB | Image image/png |
GET H2 | bg.png ia902506.us.archive.org/35/items/bg_20220403/ (Redirect Chain) | 247 KB 247 KB | Image image/png |
GET H2 | sub.png ia902505.us.archive.org/27/items/favicon_202204/ (Redirect Chain) | 30 KB 30 KB | Image image/png |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)
15 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- boolean | credentialless
- string | h
- object | a
- object | j
- function | m
- object | k
- number | g
- number | f
- string | c
- function | b
- function | n
- function | myFunction
- function | login
- string | hash
- function | suc

0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.