dev8401.d1h3hp46e2tlhf.amplifyapp.com
Open in
urlscan Pro
18.65.216.88
Malicious Activity!
Public Scan
Submission: On October 06 via api from JP — Scanned from JP
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on October 3rd 2023. Valid for: a year.
This is the only time dev8401.d1h3hp46e2tlhf.amplifyapp.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Wells Fargo (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 18.65.216.88 18.65.216.88 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2404:6800:400... 2404:6800:4004:801::200a | 15169 (GOOGLE) (GOOGLE) | |
10 10 | 99.84.133.89 99.84.133.89 | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 13.33.174.111 13.33.174.111 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 194.1.147.82 194.1.147.82 | 210250 (WPX) (WPX) | |
13 | 4 |
ASN16509 (AMAZON-02, US)
PTR: server-18-65-216-88.nrt57.r.cloudfront.net
dev8401.d1h3hp46e2tlhf.amplifyapp.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-84-133-89.nrt57.r.cloudfront.net
cdn.glitch.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-33-174-111.nrt57.r.cloudfront.net
cdn.glitch.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
10 |
glitch.me
cdn.glitch.me — Cisco Umbrella Rank: 71658 |
2 MB |
10 |
glitch.com
10 redirects
cdn.glitch.com — Cisco Umbrella Rank: 79831 |
4 KB |
1 |
smallenvelop.com
smallenvelop.com |
|
1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 405 |
30 KB |
1 |
amplifyapp.com
dev8401.d1h3hp46e2tlhf.amplifyapp.com |
3 KB |
13 | 5 |
Domain | Requested by | |
---|---|---|
10 | cdn.glitch.me |
dev8401.d1h3hp46e2tlhf.amplifyapp.com
|
10 | cdn.glitch.com | 10 redirects |
1 | smallenvelop.com |
dev8401.d1h3hp46e2tlhf.amplifyapp.com
|
1 | ajax.googleapis.com |
dev8401.d1h3hp46e2tlhf.amplifyapp.com
|
1 | dev8401.d1h3hp46e2tlhf.amplifyapp.com | |
13 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.d1h3hp46e2tlhf.amplifyapp.com Amazon RSA 2048 M03 |
2023-10-03 - 2024-10-31 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-09-04 - 2023-11-27 |
3 months | crt.sh |
smallenvelop.com R3 |
2023-08-27 - 2023-11-25 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://dev8401.d1h3hp46e2tlhf.amplifyapp.com/login.html
Frame ID: BD9DB72F4FE66D67ED7E53CFF75D0EBB
Requests: 13 HTTP requests in this frame
Screenshot
Page Title
Wells Fargo - Personal & Business Banking - Student, Auto & Home Loans - Investing & InsuranceDetected technologies
WordPress (CMS) ExpandDetected patterns
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries) Expand
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh1.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh1.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh2.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh2.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh3.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh3.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh4.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh4.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh5.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh5.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh6.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh6.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fwgh.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fwgh.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh7.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh7.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh8.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fh8.png
- https://cdn.glitch.com/3f4822e0-356f-4640-b413-68f91511b9e3%2Fwsm.png HTTP 301
- https://cdn.glitch.me/3f4822e0-356f-4640-b413-68f91511b9e3%2Fwsm.png
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login.html
dev8401.d1h3hp46e2tlhf.amplifyapp.com/ |
8 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ |
84 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh1.png
cdn.glitch.me/ Redirect Chain
|
14 KB 14 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh2.png
cdn.glitch.me/ Redirect Chain
|
574 KB 575 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh3.png
cdn.glitch.me/ Redirect Chain
|
371 KB 371 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh4.png
cdn.glitch.me/ Redirect Chain
|
652 KB 652 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh5.png
cdn.glitch.me/ Redirect Chain
|
305 KB 305 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh6.png
cdn.glitch.me/ Redirect Chain
|
78 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fwgh.png
cdn.glitch.me/ Redirect Chain
|
805 B 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh7.png
cdn.glitch.me/ Redirect Chain
|
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fh8.png
cdn.glitch.me/ Redirect Chain
|
41 KB 42 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Preloader_11.gif
smallenvelop.com/wp-content/uploads/2014/08/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
3f4822e0-356f-4640-b413-68f91511b9e3%2Fwsm.png
cdn.glitch.me/ Redirect Chain
|
445 B 976 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Wells Fargo (Banking)2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.glitch.com
cdn.glitch.me
dev8401.d1h3hp46e2tlhf.amplifyapp.com
smallenvelop.com
13.33.174.111
18.65.216.88
194.1.147.82
2404:6800:4004:801::200a
99.84.133.89
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0cf4053b2bdee051d2ab31f6f11c1209d72416c0eb7b8eb685d8ded21ddbaa33
132aee365fd34939b9f166f3d496c106c8b88164f15a660ed447c56be369ab34
1b4892f30b9813460d34686941d020ac817638b7adbd4a15ada7f483d50c9ab8
531cded22ff35a41599c2d57d8d5ecdb90e295c7ad02833cc37c77872eb90c64
5eac933db9ba5f389b619fdec096c8d46199a6b79151fbd150ebe6a9fbd1afef
64701075a3cdc35fcff4383b98a6a42d827b62ec99c2ab6f41595fdee80d9f99
69007d0509bdbb2e53417d9e6dc5e24fae3abd22fa6f97c36a754f1c86bffb6a
936092ba9c06f61e13c0b6ecae042d05285d56adf45a9df84bbddc7cfe591d35
b6be67d9d00be08a457ed89b27760835f16a845b8cd3937ada7510fd470d4330
bd80340acb759ffe39d1a3f315050df69afdc96c4b50eec3338167e2a15f3bce
c825218949fd1e01b648571a1aac2422f382e713ca07d75a9fa028c27c54e2e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855