count-aum-net.glitch.me
34.207.50.50  Malicious Activity! Public Scan

Submitted URL: https://t.ly/miwL
Effective URL: https://count-aum-net.glitch.me/PASSWORD.html
Submission: On February 21 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 8 IPs in 3 countries across 6 domains to perform 21 HTTP transactions. The main IP is 34.207.50.50, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is count-aum-net.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.
This is the only time count-aum-net.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Daum (Online)

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 34.207.50.50 14618 (AMAZON-AES)
3 203.133.167.83 9764 (DAUM-NET ...)
10 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 1 121.53.105.218 9457 (DREAMX-AS...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
1 211.231.101.135 38099 (KAKAO-AS-...)
1 211.249.201.89 9457 (DREAMX-AS...)
1 121.53.105.246 ()
21 8
Apex Domain / Subdomains / Transfer
11 daumcdn.net, 421 KB
  • t1.daumcdn.net — Cisco Umbrella Rank: 29924
  • m1.daumcdn.net — Cisco Umbrella Rank: 209504
5 daum.net, 35 KB
  • logins.daum.net — Cisco Umbrella Rank: 200866
  • display.ad.daum.net — Cisco Umbrella Rank: 42224
  • track.tiara.daum.net
  • webid.ad.daum.net Failed
  • tr.ad.daum.net Failed
1 kakaocdn.net, 36 KB
  • t1.kakaocdn.net — Cisco Umbrella Rank: 22401
1 kakao.com, 139 B
  • developers.kakao.com — Cisco Umbrella Rank: 87016
1 glitch.me, 35 KB
  • count-aum-net.glitch.me
1 t.ly, 1 KB
  • t.ly — Cisco Umbrella Rank: 112388
21 6
Domain Requested by
10 t1.daumcdn.net count-aum-net.glitch.me
logins.daum.net
t1.daumcdn.net
3 logins.daum.net count-aum-net.glitch.me
1 track.tiara.daum.net count-aum-net.glitch.me
1 display.ad.daum.net t1.daumcdn.net
1 m1.daumcdn.net count-aum-net.glitch.me
1 t1.kakaocdn.net count-aum-net.glitch.me
1 developers.kakao.com 1 redirects
1 count-aum-net.glitch.me
1 t.ly 1 redirects
0 tr.ad.daum.net Failed count-aum-net.glitch.me
0 webid.ad.daum.net Failed count-aum-net.glitch.me
21 11

This site contains links to these domains.

Domain
www.daum.net
member.daum.net
www.kakaocorp.com
cs.daum.net
Subject | Issuer | Validity | Valid
glitch.com | Amazon RSA 2048 M03 | 2023-12-04 - 2025-01-01 | a year
logins.daum.net | DigiCert EV RSA CA G2 | 2023-05-03 - 2024-05-30 | a year
*.daumcdn.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-06-07 - 2024-06-07 | a year
ad.daum.net | Thawte TLS RSA CA G1 | 2024-01-03 - 2025-01-30 | a year
www.tiara.kakao.com | Thawte TLS RSA CA G1 | 2023-07-03 - 2024-07-30 | a year

This page contains 2 frames:

Primary Page: https://count-aum-net.glitch.me/PASSWORD.html
Frame ID: 6FC2D63304C7E3435A4573BEBCCCB338
Requests: 16 HTTP requests in this frame

Frame: https://t1.daumcdn.net/kas/static/safeframe.html
Frame ID: E75ABECFD0DAA072208A4AC48FDABDA0
Requests: 5 HTTP requests in this frame

Page Title

Daum 로그인

Detected technologies

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

  • Requests: 21
  • HTTPS: 81 %
  • IPv6: 33 %
  • Domains: 6
  • Subdomains: 11
  • IPs: 8
  • Countries: 3
  • Transfer: 528 kB
  • Size: 892 kB
  • Cookies: 5

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.ly/miwL HTTP 302
    https://count-aum-net.glitch.me/PASSWORD.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://developers.kakao.com/sdk/js/kakao.min.js HTTP 301
  • https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js

21 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request PASSWORD.html
count-aum-net.glitch.me/
Redirect Chain
  • https://t.ly/miwL
  • https://count-aum-net.glitch.me/PASSWORD.html
35 KB
35 KB
Document
General
Full URL
https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.207.50.50 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-207-50-50.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
39d69cf5f42dd9f219d20d8d04f74bdc36be419a210b0605e93ebd0f30a6a401

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
no-cache
content-length
35686
content-type
text/html; charset=utf-8
date
Wed, 21 Feb 2024 04:37:00 GMT
etag
"9400d392f8e9d47775283c15e747778d"
last-modified
Thu, 15 Sep 2022 13:25:35 GMT
server
AmazonS3
x-amz-id-2
Et3g7OuFd9Ty6xE20iQ2DHNhjDlsMXfkx1NfJN4Gxb667a97ZLrAXygXVveqSNxUZ7TZCr3+Amg=
x-amz-request-id
2WNCWJKN6T587YR1
x-amz-version-id
GYIxHpppzV1TS9IdsimXyRvcKSuM9YeM

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache, private
cf-cache-status
DYNAMIC
cf-ray
858c4aa2198d2bbe-FRA
content-type
text/html; charset=UTF-8
date
Wed, 21 Feb 2024 04:37:00 GMT
location
https://count-aum-net.glitch.me/PASSWORD.html
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jKK%2BBoazKw%2F8uxXclUsla7jOkX9oqgpxUO%2Fd9DAIzRULNaYqy%2FJc1VrkbV1W0NEzUh1hlnTunL7Axd%2FwMfQ8hghpQ0EgUNRBmAJkANfa2bAXUJDb6wnqV5gLzZ8cKD7hqPs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-ratelimit-limit
30
x-ratelimit-remaining
29
x-whom
tly-4
x-xss-protection
1; mode=block
pc.css
logins.daum.net/contents/min/css/
17 KB
5 KB
Stylesheet
General
Full URL
https://logins.daum.net/contents/min/css/pc.css
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
203.133.167.83 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software
Apache Tomcat /
Resource Hash
c3104d6ca9faf32693df4ebddff1f20e854cf8221bbf645bc827b9d08a752c30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 04:37:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 04:13:56 GMT
Server
Apache Tomcat
ETag
W/"17456-1701144836000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
font_pc.css
logins.daum.net/contents/min/css/
0
0
Stylesheet
General
Full URL
https://logins.daum.net/contents/min/css/font_pc.css
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
203.133.167.83 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

jquery-1.12.1.min.js
t1.daumcdn.net/id/statics/common/js-lib/
95 KB
33 KB
Script
General
Full URL
https://t1.daumcdn.net/id/statics/common/js-lib/jquery-1.12.1.min.js
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Referer
https://count-aum-net.glitch.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 21 Feb 2024 04:37:00 GMT
content-encoding
gzip
last-modified
Tue, 05 Dec 2017 04:26:37 GMT
server
openresty
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=313368841
x-wcss
dC1jb21tb24wMS1id2NhY2hlNDE6MDpjaHR0cDoxNA==
accept-ranges
bytes
content-length
33894
expires
Thu, 26 Jan 2034 03:31:01 GMT
jquery.cookie-1.3.1.min.js
t1.daumcdn.net/id/statics/common/js-lib/
1000 B
768 B
Script
General
Full URL
https://t1.daumcdn.net/id/statics/common/js-lib/jquery.cookie-1.3.1.min.js
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
e59bba1708d06698afe08ebc4c9ce3c9a14e1fca0d7826e824bd6ed04a153b54

Request headers

Referer
https://count-aum-net.glitch.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Wed, 21 Feb 2024 04:37:00 GMT
content-encoding
gzip
last-modified
Tue, 12 Dec 2017 07:29:04 GMT
server
openresty
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=315354189
x-wcss
dC1jb21tb24wMS1id2NhY2hlMjY6MDpjaHR0cDoxMA==
accept-ranges
bytes
content-length
556
expires
Sat, 18 Feb 2034 03:00:09 GMT
kakao.min.js
t1.kakaocdn.net/kakao_js_sdk/v1/
Redirect Chain
  • https://developers.kakao.com/sdk/js/kakao.min.js
  • https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
111 KB
36 KB
Script
General
Full URL
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Server
2a02:26f0:480:e::210:f10d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:05 GMT
content-encoding
gzip
last-modified
Wed, 14 Dec 2022 06:58:54 GMT
server
openresty
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
max-age=2740
x-wcss
dC1jb21tb24wMS1id2NhY2hlMzA6MDpjaHR0cDoxMQ==
accept-ranges
bytes
content-length
36802
expires
Wed, 21 Feb 2024 05:22:45 GMT

Redirect headers

location
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
date
Wed, 21 Feb 2024 04:37:04 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
162
content-type
text/html
login-default.js
logins.daum.net/contents/min/js/
36 KB
13 KB
Script
General
Full URL
https://logins.daum.net/contents/min/js/login-default.js
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
203.133.167.83 , Korea, Republic Of, ASN9764 (DAUM-NET Kakao Corp, KR),
Reverse DNS
Software
Apache Tomcat /
Resource Hash
ddeb39e5ebe5da53e195eefb2b296d664dbe950b6edfbab2d772977be292f50f

Request headers

Referer
https://count-aum-net.glitch.me/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Wed, 21 Feb 2024 04:37:02 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Nov 2023 04:13:56 GMT
Server
Apache Tomcat
ETag
W/"36924-1701144836000"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
ad.min.js
t1.daumcdn.net/adfit/static/
2 KB
1 KB
Script
General
Full URL
https://t1.daumcdn.net/adfit/static/ad.min.js
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
10397020b18155c46f267362d8c811c2a787ccf57dc2b5412b509f0a8d8ec7fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:03 GMT
content-encoding
gzip
last-modified
Mon, 01 Nov 2021 10:51:01 GMT
server
openresty
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary
Accept-Encoding
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
text/javascript
cache-control
max-age=3419
x-wcss
dC1jb21tb24wMS1id2NhY2hlMjQ6aGl0OjA=
accept-ranges
bytes
content-length
1059
expires
Wed, 21 Feb 2024 05:34:02 GMT
td.min.js
m1.daumcdn.net/tiara/js/
38 KB
10 KB
Script
General
Full URL
https://m1.daumcdn.net/tiara/js/td.min.js
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
211.231.101.135 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software
nginx /
Resource Hash
5ab4f05cbe1a5cf7b22b8609cefc5e0f09f8b8577fe9d9b2e775279045a027b4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:08 GMT
content-encoding
br
last-modified
Mon, 11 Nov 2019 06:50:37 GMT
server
nginx
age
1366
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
9910
expires
Wed, 21 Feb 2024 06:14:22 GMT
logo_daum.png
t1.daumcdn.net/id/logins/2020/
1 KB
2 KB
Image
General
Full URL
https://t1.daumcdn.net/id/logins/2020/logo_daum.png
Requested by
Host: logins.daum.net
URL: https://logins.daum.net/contents/min/css/pc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
50d4a8f26b0c851839a82ee89ac4cdbe92a520049d2cc005c45d04b872e6defe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://logins.daum.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:05 GMT
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
last-modified
Thu, 14 May 2020 07:46:09 GMT
server
openresty
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
image/png
cache-control
max-age=10408
x-wcss
dC1jb21tb24wMS1id2NhY2hlMzU6aGl0OjA=
accept-ranges
bytes
content-length
1306
expires
Wed, 21 Feb 2024 07:30:33 GMT
ico_login_201224.png
t1.daumcdn.net/id/logins/2020/
5 KB
6 KB
Image
General
Full URL
https://t1.daumcdn.net/id/logins/2020/ico_login_201224.png
Requested by
Host: logins.daum.net
URL: https://logins.daum.net/contents/min/css/pc.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
6845a3538e9237f310d087c193a3626926bd22dd49041836614673b1fa553813

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://logins.daum.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:05 GMT
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
last-modified
Thu, 24 Dec 2020 00:08:34 GMT
server
openresty
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
image/png
cache-control
max-age=13213
x-wcss
dC1jb21tb24wMS1id2NhY2hlNTE6bWlzczo2
accept-ranges
bytes
content-length
5333
expires
Wed, 21 Feb 2024 08:17:18 GMT
ba.min.js
t1.daumcdn.net/kas/static/
188 KB
55 KB
Script
General
Full URL
https://t1.daumcdn.net/kas/static/ba.min.js
Requested by
Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/adfit/static/ad.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
45d365ea4ff8bc698f35b5401db26c95152a80a69a1364ee846cd5a7a2fa3369

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:05 GMT
content-encoding
gzip
last-modified
Mon, 22 Jan 2024 05:03:20 GMT
server
openresty
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
vary
Accept-Encoding
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
text/javascript
cache-control
max-age=2582
x-wcss
dC1jb21tb24wMS1id2NhY2hlMTpoaXQ6MA==
accept-ranges
bytes
content-length
55674
expires
Wed, 21 Feb 2024 05:20:07 GMT
banner
display.ad.daum.net/sdk/
45 KB
18 KB
Fetch
General
Full URL
https://display.ad.daum.net/sdk/banner?id=00Y28&cnt=1&pxratio=1&pwidth=1600&pheight=1200&containerid=kakao_ad_2Wqwns&ppi=96&lmt=N&containerwidth=0&test=N&ctag=%7B%7D&sdktype=web&sdkver=4.20.0&secretmode=N&network=6&surl=https%3A%2F%2Fcount-aum-net.glitch.me%2FPASSWORD.html&cookiedisabled=N&rfseq=1&appkey=d10838164fe04a4e6da8e1f6d9972096&osver=&browser=chrome&browserver=121&mobile=N&sdkid=55f027f1-4517-4c43-9858-77edd5a44e73
Requested by
Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/ba.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
211.249.201.89 , Korea, Republic Of, ASN9457 (DREAMX-AS DREAMLINE CO., KR),
Reverse DNS
Software
Apache /
Resource Hash
c04d9f77fe3e2bb591495c7b2b5f02b16126d5079214fbd95637379b2bace310

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Date
Wed, 21 Feb 2024 04:37:08 GMT
Content-Encoding
gzip
Observe-Browsing-Topics
?1
P3P
CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
X-Kakao-AID
aid=3b1206776f454be1960d2132b17c4413; aid_ts=1708490228794
Connection
close
Content-Length
17378
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
Apache
Vary
Origin,Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
https://count-aum-net.glitch.me
Access-Control-Expose-Headers
X-Kakao-Ad-Inspection
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Kakao-Ad-Inspection
true
footsteps
track.tiara.daum.net/queen/
13 B
136 B
Image
General
Full URL
https://track.tiara.daum.net/queen/footsteps?dummy=1710360561602&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=%2B1&rand_id=1708490229163&pck=Y&puid=1708490229163&url=https%3A%2F%2Fcount-aum-net.glitch.me%2FPASSWORD.html
Requested by
Host: count-aum-net.glitch.me
URL: https://count-aum-net.glitch.me/PASSWORD.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
121.53.105.246 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://count-aum-net.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
content-length
13
content-type
text/plain; charset=utf-8
safeframe.html
t1.daumcdn.net/kas/static/ Frame E75A
10 KB
4 KB
Document
General
Full URL
https://t1.daumcdn.net/kas/static/safeframe.html
Requested by
Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/ba.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
711cd936c4bfc11008e5319a7abbb55de63d07b4c5eaa0cc9d45d7baf63d3981

Request headers

Referer
https://count-aum-net.glitch.me/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=825
content-encoding
gzip
content-length
3672
content-type
text/html
date
Wed, 21 Feb 2024 04:37:09 GMT
expires
Wed, 21 Feb 2024 04:50:54 GMT
last-modified
Mon, 22 Jan 2024 05:03:21 GMT
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
server
openresty
vary
Accept-Encoding
3d63b29b4ba4724674d917cd731f46a9.jpg
t1.daumcdn.net/b2/creative/42016/ Frame E75A
304 KB
305 KB
Image
General
Full URL
https://t1.daumcdn.net/b2/creative/42016/3d63b29b4ba4724674d917cd731f46a9.jpg
Requested by
Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/safeframe.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
862ac7d051d7899c503883b2e48ccfd6d5a853c12a7a8800bc900a27106db351

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t1.daumcdn.net/kas/static/safeframe.html?surl=https%3A%2F%2Fcount-aum-net.glitch.me%2F&bidId=4cb4352d730c400fa47c8428c8b75c18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:09 GMT
nel
{"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
last-modified
Tue, 18 Apr 2023 08:27:50 GMT
server
openresty
report-to
{"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
content-type
image/jpeg
cache-control
max-age=5355
x-wcss
dC1jb21tb24wMS1id2NhY2hlMzQ6aGl0OjA=
accept-ranges
bytes
content-length
311673
expires
Wed, 21 Feb 2024 06:06:24 GMT
ico_arrow3.png
t1.daumcdn.net/biz/ui/ad/ Frame E75A
366 B
550 B
Image
General
Full URL
https://t1.daumcdn.net/biz/ui/ad/ico_arrow3.png
Requested by
Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/safeframe.html?surl=https%3A%2F%2Fcount-aum-net.glitch.me%2F&bidId=4cb4352d730c400fa47c8428c8b75c18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
699296aee08ddf326ad1d78e099712b25e8053be8a0a621d02a96a66461dcf00

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t1.daumcdn.net/kas/static/safeframe.html?surl=https%3A%2F%2Fcount-aum-net.glitch.me%2F&bidId=4cb4352d730c400fa47c8428c8b75c18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:37:09 GMT
last-modified
Wed, 21 Dec 2022 04:32:55 GMT
server
openresty
content-type
image/png
cache-control
max-age=8307
x-wcss
dC1jb21tb24wMS1id2NhY2hlNjQ6MDpjaHR0cDoxOQ==
accept-ranges
bytes
content-length
366
expires
Wed, 21 Feb 2024 06:55:36 GMT
ico_adlogo2.png
t1.daumcdn.net/biz/ui/ad/ Frame E75A
5 KB
5 KB
Image
General
Full URL
https://t1.daumcdn.net/biz/ui/ad/ico_adlogo2.png
Requested by
Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/safeframe.html?surl=https%3A%2F%2Fcount-aum-net.glitch.me%2F&bidId=4cb4352d730c400fa47c8428c8b75c18
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:e::210:f10b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
openresty /
Resource Hash
750c0c8f5484e0b7ca7c69f0f4ef3eb382dd96a133f24592a9bb23586290c08f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://t1.daumcdn.net/kas/static/safeframe.html?surl=https%3A%2F%2Fcount-aum-net.glitch.me%2F&bidId=4cb4352d730c400fa47c8428c8b75c18
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

unused62
8096267
date
Wed, 21 Feb 2024 04:37:09 GMT
last-modified
Wed, 17 Mar 2021 02:58:49 GMT
server
openresty
content-type
image/png
cache-control
max-age=4728
x-wcss
dC1jb21tb24wMS1id2NhY2hlMTA6MDpjaHR0cDowNA==
accept-ranges
bytes
content-length
4637
expires
Wed, 21 Feb 2024 05:55:57 GMT
sync
webid.ad.daum.net/
0
0

vimp
tr.ad.daum.net/ Frame E75A
0
0

footsteps
track.tiara.daum.net/queen/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
webid.ad.daum.net
URL
https://webid.ad.daum.net/sync?v=0.0.1
Domain
tr.ad.daum.net
URL
https://tr.ad.daum.net/vimp?wa=bNfBLWkfmC_eIRIPgRWth9Rx57mGdWNmKn7XPzOiEiQ&enc=HmKPKaUvEPjEpcLHfs7rTbZrzwG2m-OK3KhLGxf86kfLRyx0gTsIJrc2qVcNwoJ4zzXDOdnMEfTHmhlcoP9fqs79QPsxShAhnDg-Ktmla2jAJXNXqUeWRXXF9B7dAdRWKS8WmbbTAo2rL2ZATZpF0Y5VZWjLidVdoGBiWzdDgPA2awJV3pMBhAvTlRG6XdYEfVWQCp2YrQGnph9lcZj0j14CbG8Z8IZLrbv1N7u5lOCvvrdWdMpMNTfgSLuWAgRYk24pwWWvHAxuHcVYpx-aacbEwM3cixwuuB-JrGFJxZeYHRSKkKj3eZV4ufKn9HoecySG7stoRI4MpAYDlvUrYJvOx-gwN3jIGXOuUdkT-ri68jCLK0maHQIcBloHi8af13p6_-XysazVr_8-MI-VGA&signature=87226334374d36dafbc5a16fda1fa126&lc=1
Domain
track.tiara.daum.net
URL
https://track.tiara.daum.net/queen/footsteps?dummy=1710360561602&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=%2B1&rand_id=1708490229163&pck=Y&puid=1708490229163&url=https%3A%2F%2Fcount-aum-net.glitch.me%2FPASSWORD.html

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Daum (Online)

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • $ (function)
  • jQuery (function)
  • Kakao (object)
  • easyXDM (undefined)
  • daumlogin (object)
  • requestUpdateToken (function)
  • LoginTextField (function)
  • VirtualKeyView (function)
  • LoginForm (function)
  • toggleBodyClass (function)
  • rng_seed_int (function)
  • rng_seed_time (function)
  • pool_init (function)
  • _tiq (object)
  • __adfit__ (object)
  • regeneratorRuntime (object)
  • Jackdaw (function)
  • adfit (function)

5 Cookies

Domain/Path Name / Value
t.ly/ Name: XSRF-TOKEN
Value: eyJpdiI6InJZNTV5ZW5BVTJqS3E4MjNpNjlsZUE9PSIsInZhbHVlIjoicTEzVTJ3cWhRVW90QzVSeWlDQ3F1QlFPVDVtY1Y1bUJxZGYvZFVwYlVzc1JOYWlWUTduNEJKdlhhZWRBckJ3WExDQnd0bGsveXMwc2ZaMFpHMjlhbEJoWlNCWlVNY2ZPQkZaanEzUll2bHpPRnhpR2p1TnZiWFZlYjVYWGFGZ1AiLCJtYWMiOiI1MTJjYWE0NDdmNWNjZDQ2YWVmZWFjMWU4NzliMGMyYzliZDJlZmE0OTE1ZWNmOThhZjEyZDg5NDY2ZTdiODEzIiwidGFnIjoiIn0%3D
t.ly/ Name: tly_session
Value: eyJpdiI6IjVuR1hPM1g5aGx2ZmVoZGhEeHQ5UUE9PSIsInZhbHVlIjoiV0E0bHUyODREOTdCZ0xEWXoyWUUwT3A0WjZSdTlWRWMrbjhqUXBCR3A2N01vb3lTS3BzN0hIeGVKSjRuV2dZMG9teEdQNThncVRrR1AyVkNVU1k4ZTZ2V2YzR0c5STdLU0FFZDJsZXVpYkh5QytZdUh1UHdrZ1JteWpnZVNieTEiLCJtYWMiOiIxY2ZlYzhlYjk0YWVjMDUyNTM3MmY0OTQ3ODk1Njc1YzJjMjgyY2VlMjQ0YmMzMzUxMGYyMGNkNjIzNDA3ODRlIiwidGFnIjoiIn0%3D
count-aum-net.glitch.me/ Name: adfit_sdk_id
Value: 55f027f1-4517-4c43-9858-77edd5a44e73
.ad.daum.net/ Name: aid
Value: 3b1206776f454be1960d2132b17c4413
.ad.daum.net/ Name: aid_ts
Value: 1708490228794

9 Console Messages

Source Level URL
Text
javascript warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://t1.daumcdn.net/id/statics/common/js-lib/jquery-1.12.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://t1.daumcdn.net/id/statics/common/js-lib/jquery-1.12.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://t1.daumcdn.net/id/statics/common/js-lib/jquery.cookie-1.3.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://developers.kakao.com/sdk/js/kakao.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://logins.daum.net/contents/min/js/login-default.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://logins.daum.net/contents/min/css/font_pc.css
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
other warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://count-aum-net.glitch.me/PASSWORD.html
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://track.tiara.daum.net/queen/footsteps?dummy=1710360561602&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=%2B1&rand_id=1708490229163&pck=Y&puid=1708490229163&url=https%3A%2F%2Fcount-aum-net.glitch.me%2FPASSWORD.html
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
