fifth-scooter.glitch.me
54.89.44.97
Malicious Activity!
Public Scan
Submission Tags: @ipnigh
Submission: On September 01 via api from GB
Summary
This is the only time fifth-scooter.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Crypto (Crypto Exchange)
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 54.89.44.97 | 14618 (AMAZON-AES - Amazon.com) |
25 (12 redirects) | 207.241.226.190 | 7941 (INTERNET-ARCHIVE - Internet Archive) |
17 | 3 | |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-89-44-97.compute-1.amazonaws.com
fifth-scooter.glitch.me |
ASN7941 (INTERNET-ARCHIVE - Internet Archive, US)
PTR: wwwb-front1.us.archive.org
web.archive.org |
 | Apex Domain / Subdomains | Transfer |
---|---|---|
25 (12 redirects) | archive.org: web.archive.org | 366 KB |
1 | glitch.me: fifth-scooter.glitch.me | 52 KB |
0 | histats.com (Failed): s4.histats.com (Failed) | |
17 | 3 | |
 | Domain | Requested by |
---|---|---|
25 (12 redirects) | web.archive.org | fifth-scooter.glitch.me |
1 | fifth-scooter.glitch.me | |
0 | s4.histats.com (Failed) | web.archive.org |
17 | 3 | |
This site contains links to these domains. Also see Links.
Domain |
---|
web.archive.org |
Subject / Issuer | Validity | Valid | |
---|---|---|---|
*.archive.org / Go Daddy Secure Certificate Authority - G2 | 2016-12-19 - 2020-02-21 | 3 years | crt.sh |
 | 1970-01-01 - 1970-01-01 | a few seconds | crt.sh |
This page contains 2 frames:
Primary Page:
http://fifth-scooter.glitch.me/btc
Frame ID: D116F7FE41E4FB4AE707AD2CEAF418F5
Requests: 16 HTTP requests in this frame
Frame:
https://web.archive.org/web/20190802175314/https://commentsblogee.tumblr.com/
Frame ID: CD074BCA288ADECACD7A2FCB85AD5746
Requests: 1 HTTP requests in this frame
Detected technologies
Ubuntu (Operating Systems)
Detected patterns
- headers server /Ubuntu/i
Bootstrap (Web Frameworks)
Detected patterns
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
Clipboard.js (Miscellaneous)
Detected patterns
- script /clipboard(?:-([\d.]+))?(?:\.min)?\.js/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Electrum
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- https://web.archive.org/web/20190802175307/https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.4.2/clipboard.min.js HTTP 302
- https://web.archive.org/web/20190802175310/https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.4.2/clipboard.min.js
- https://web.archive.org/web/20190802175307/https://blockchain.info/Resources/js/jquery.min.js HTTP 302
- https://web.archive.org/web/20190802175310/https://blockchain.info/Resources/js/jquery.min.js
- https://web.archive.org/web/20190802175307/https://blockchain.info/Resources/overrides.min.css?18005c9c8eb43636 HTTP 302
- https://web.archive.org/web/20190802175310/https://blockchain.info/Resources/overrides.min.css?18005c9c8eb43636
- https://web.archive.org/web/20190802175307/https://blockchain.info/Resources/js/shared.min.js?18005c9c8eb43636 HTTP 302
- https://web.archive.org/web/20190802175310/https://blockchain.info/Resources/js/shared.min.js?18005c9c8eb43636
- https://web.archive.org/web/20190802175307/https://static.tumblr.com/n2nup4r/du2pswb6c/comments.css HTTP 302
- https://web.archive.org/web/20190802175310/https://static.tumblr.com/n2nup4r/du2pswb6c/comments.css
- https://web.archive.org/web/20190802175307/https://static.tumblr.com/n2nup4r/R1Gpswbma/u.css HTTP 302
- https://web.archive.org/web/20190802175310/https://static.tumblr.com/n2nup4r/R1Gpswbma/u.css
- https://web.archive.org/web/20190802175307/https://blockchain.info/Resources/app-overrides.css?18005c9c8eb43636 HTTP 302
- https://web.archive.org/web/20190802175310/https://blockchain.info/Resources/app-overrides.css?18005c9c8eb43636
- http://web.archive.org/web/20190802175307/https://s10.histats.com/js15_as.js HTTP 302
- http://web.archive.org/web/20190802171138/https://s10.histats.com/js15_as.js
- https://web.archive.org/web/20190802175307/https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=1NYiYR86bBbbGkMQiboxjhsCUy21FQ2MqX&chld=H|0 HTTP 302
- https://web.archive.org/web/20190802175310/https://chart.apis.google.com/chart?cht=qr&chs=300x300&chl=1NYiYR86bBbbGkMQiboxjhsCUy21FQ2MqX&chld=H|0
- https://web.archive.org/web/20190802175307/https://i.imgur.com/T1X5ZPT.gif HTTP 302
- https://web.archive.org/web/20190802175310/https://i.imgur.com/T1X5ZPT.gif
- https://web.archive.org/web/20190802175307/https://c.disquscdn.com/uploads/users/25149/2831/avatar92.jpg?1528238676 HTTP 302
- https://web.archive.org/web/20190802175314/https://c.disquscdn.com/uploads/users/25149/2831/avatar92.jpg?1528238676
- https://web.archive.org/web/20190802175307/https://commentsblogee.tumblr.com/ HTTP 302
- https://web.archive.org/web/20190802175314/https://commentsblogee.tumblr.com/
- http://web.archive.org/web/20190802175307/https://www.google-analytics.com//r/collect?v=1&_v=j77&a=1240110770&t=pageview&_s=1&dl=http%3A%2F%2Ffifth-scooter.glitch.me%2Fbtc&dp=%2Fb8d5fab3-5ace-4ce7-b709-12b89e5113e9.html&ul=en-us&de=UTF-8&dt=BTC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1004489453&gjid=2029846805&cid=439750105.1567329352&tid=UA-75065234-3&_gid=182773249.1567329352&_r=1&z=1229623008 HTTP 302
- http://web.archive.org/save/_embed/https://www.google-analytics.com//r/collect?v=1&_v=j77&a=1240110770&t=pageview&_s=1&dl=http%3A%2F%2Ffifth-scooter.glitch.me%2Fbtc&dp=%2Fb8d5fab3-5ace-4ce7-b709-12b89e5113e9.html&ul=en-us&de=UTF-8&dt=BTC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1004489453&gjid=2029846805&cid=439750105.1567329352&tid=UA-75065234-3&_gid=182773249.1567329352&_r=1&z=1229623008 HTTP 302
- http://web.archive.org/save/https://www.google-analytics.com//r/collect?v=1&_v=j77&a=1240110770&t=pageview&_s=1&dl=http%3A%2F%2Ffifth-scooter.glitch.me%2Fbtc&dp=%2Fb8d5fab3-5ace-4ce7-b709-12b89e5113e9.html&ul=en-us&de=UTF-8&dt=BTC&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAEAB~&jid=1004489453&gjid=2029846805&cid=439750105.1567329352&tid=UA-75065234-3&_gid=182773249.1567329352&_r=1&z=1229623008 HTTP 302
- http://web.archive.org/save/https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75065234-3&cid=439750105.1567329352&jid=1004489453&_gid=182773249.1567329352&gjid=2029846805&_v=j77&z=1229623008 HTTP 302
- http://web.archive.org/save/https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=439750105.1567329352&jid=1004489453&_v=j77&z=1229623008 HTTP 302
- http://web.archive.org/web/20190901091602/https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=439750105.1567329352&jid=1004489453&_v=j77&z=1229623008
17 HTTP transactions
Method Protocol | Resource Path | Size x-fer | Type MIME-Type |
---|---|---|---|
GET H/1.1 | btc (Primary Request) fifth-scooter.glitch.me/ | 52 KB 52 KB | Document text/html |
GET H2 | clipboard.min.js web.archive.org/web/20190802175310/https://cdnjs.cloudflare.com/ajax/libs/clipboard.js/1.4.2/ (Redirect Chain) | 8 KB 5 KB | Script application/javascript |
GET H2 | jquery.min.js web.archive.org/web/20190802175310/https://blockchain.info/Resources/js/ (Redirect Chain) | 94 KB 41 KB | Script application/javascript |
GET | bootstrap.min.js web.archive.org/web/20190802175307/https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/ | 0 0 | |
GET H2 | overrides.min.css web.archive.org/web/20190802175310/https://blockchain.info/Resources/ (Redirect Chain) | 5 KB 4 KB | Stylesheet text/css |
GET H2 | shared.min.js web.archive.org/web/20190802175310/https://blockchain.info/Resources/js/ (Redirect Chain) | 14 KB 8 KB | Script application/javascript |
GET H2 | comments.css web.archive.org/web/20190802175310/https://static.tumblr.com/n2nup4r/du2pswb6c/ (Redirect Chain) | 152 KB 58 KB | Stylesheet text/css |
GET H2 | u.css web.archive.org/web/20190802175310/https://static.tumblr.com/n2nup4r/R1Gpswbma/ (Redirect Chain) | 205 KB 46 KB | Stylesheet text/css |
GET H2 | app-overrides.css web.archive.org/web/20190802175310/https://blockchain.info/Resources/ (Redirect Chain) | 2 KB 4 KB | Stylesheet text/css |
GET H/1.1 | js15_as.js web.archive.org/web/20190802171138/https://s10.histats.com/ (Redirect Chain) | 12 KB 14 KB | Script text/javascript |
GET H2 | chart web.archive.org/web/20190802175310/https://chart.apis.google.com/ (Redirect Chain) | 2 KB 4 KB | Image image/png |
GET H2 | T1X5ZPT.gif web.archive.org/web/20190802175310/https://i.imgur.com/ (Redirect Chain) | 126 KB 128 KB | Image image/gif |
GET H2 | avatar92.jpg web.archive.org/web/20190802175314/https://c.disquscdn.com/uploads/users/25149/2831/ (Redirect Chain) | 2 KB 4 KB | Image image/jpeg |
GET H2 | analytics.js web.archive.org/web/20190802175307/https://www.google-analytics.com/ | 44 KB 46 KB | Script text/javascript |
GET H2 | / web.archive.org/web/20190802175314/https://commentsblogee.tumblr.com/ (Frame CD07, Redirect Chain) | 0 0 | Document text/html |
GET | ga-audiences web.archive.org/web/20190901091602/https://www.google.com/ads/ (Redirect Chain) | 0 0 | |
GET | 0.php s4.histats.com/stats/ | 0 0 | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: web.archive.org
  URL: https://web.archive.org/web/20190802175307/https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js
- Domain: web.archive.org
  URL: http://web.archive.org/web/20190901091602/https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-75065234-3&cid=439750105.1567329352&jid=1004489453&_v=j77&z=1229623008
- Domain: s4.histats.com
  URL: http://s4.histats.com/stats/0.php?4282449&@f16&@g1&@h1&@i1&@j1567329361992&@k0&@l1&@mBTC&@n0&@o1000&@q0&@r0&@s0&@ten-US&@u1600&@b1:-43379939&@b3:1567329362&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Ffifth-scooter.glitch.me%2Fbtc&@w
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Crypto (Crypto Exchange)
78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _Hasync function| Clipboard function| $ function| jQuery string| ADDRESS number| satoshi string| show_adv object| adv_rule object| symbol_btc object| symbol_local object| symbol string| root string| resource undefined| war_checksum boolean| min boolean| isExtension string| APP_VERSION string| APP_NAME string| IMPORTED_APP_NAME string| IMPORTED_APP_VERSION function| stripHTML function| setLocalSymbol function| setBTCSymbol undefined| names undefined| ws undefined| reconnectInterval function| webSocketConnect function| BlockFromJSON function| TransactionFromJSON function| padStr function| dateToString function| parseURLQuery function| generateURL function| formatSatoshi function| convert function| formatBTC function| sShift function| formatSymbol function| formatMoney function| formatOutput function| toggleAdv function| setAdv function| calcMoney function| setupSymbolToggle function| toggleSymbol object| _sounds function| playSound function| setupToggle function| updateQueryString function| loadScript function| SetCookie function| getCookie object| MyStore string| GoogleAnalyticsObject function| ga function| wait function| random function| uuidv4 function| bet function| removeArr function| addLink function| sub function| newtr function| insertAfter function| updateTrans object| times function| setProgress number| ctd object| clipboard object| jQuery1111012348265272585612 object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| chfh function| chfh2 string| _HST_cntval object| Histats
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.