count-aum-net.glitch.me
Open in
urlscan Pro
34.207.50.50
Malicious Activity!
Public Scan
Effective URL: https://count-aum-net.glitch.me/PASSWORD.html
Submission: On February 21 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.
This is the only time count-aum-net.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Daum (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 2606:4700:20:... 2606:4700:20::ac43:4b7a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 34.207.50.50 34.207.50.50 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 | 203.133.167.83 203.133.167.83 | 9764 (DAUM-NET ...) (DAUM-NET Kakao Corp) | |
10 | 2a02:26f0:480... 2a02:26f0:480:e::210:f10b | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 121.53.105.218 121.53.105.218 | 9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.) | |
1 | 2a02:26f0:480... 2a02:26f0:480:e::210:f10d | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 211.231.101.135 211.231.101.135 | 38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp) | |
1 | 211.249.201.89 211.249.201.89 | 9457 (DREAMX-AS...) (DREAMX-AS DREAMLINE CO.) | |
1 | 121.53.105.246 121.53.105.246 | () () | |
21 | 8 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-207-50-50.compute-1.amazonaws.com
count-aum-net.glitch.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
daumcdn.net
t1.daumcdn.net — Cisco Umbrella Rank: 29924 m1.daumcdn.net — Cisco Umbrella Rank: 209504 |
421 KB |
5 |
daum.net
logins.daum.net — Cisco Umbrella Rank: 200866 display.ad.daum.net — Cisco Umbrella Rank: 42224 track.tiara.daum.net webid.ad.daum.net Failed tr.ad.daum.net Failed |
35 KB |
1 |
kakaocdn.net
t1.kakaocdn.net — Cisco Umbrella Rank: 22401 |
36 KB |
1 |
kakao.com
1 redirects
developers.kakao.com — Cisco Umbrella Rank: 87016 |
139 B |
1 |
glitch.me
count-aum-net.glitch.me |
35 KB |
1 |
t.ly
1 redirects
t.ly — Cisco Umbrella Rank: 112388 |
1 KB |
21 | 6 |
Domain | Requested by | |
---|---|---|
10 | t1.daumcdn.net |
count-aum-net.glitch.me
logins.daum.net t1.daumcdn.net |
3 | logins.daum.net |
count-aum-net.glitch.me
|
1 | track.tiara.daum.net |
count-aum-net.glitch.me
|
1 | display.ad.daum.net |
t1.daumcdn.net
|
1 | m1.daumcdn.net |
count-aum-net.glitch.me
|
1 | t1.kakaocdn.net |
count-aum-net.glitch.me
|
1 | developers.kakao.com | 1 redirects |
1 | count-aum-net.glitch.me | |
1 | t.ly | 1 redirects |
0 | tr.ad.daum.net Failed |
count-aum-net.glitch.me
|
0 | webid.ad.daum.net Failed |
count-aum-net.glitch.me
|
21 | 11 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.daum.net |
member.daum.net |
www.kakaocorp.com |
cs.daum.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
glitch.com Amazon RSA 2048 M03 |
2023-12-04 - 2025-01-01 |
a year | crt.sh |
logins.daum.net DigiCert EV RSA CA G2 |
2023-05-03 - 2024-05-30 |
a year | crt.sh |
*.daumcdn.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-06-07 - 2024-06-07 |
a year | crt.sh |
ad.daum.net Thawte TLS RSA CA G1 |
2024-01-03 - 2025-01-30 |
a year | crt.sh |
www.tiara.kakao.com Thawte TLS RSA CA G1 |
2023-07-03 - 2024-07-30 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://count-aum-net.glitch.me/PASSWORD.html
Frame ID: 6FC2D63304C7E3435A4573BEBCCCB338
Requests: 16 HTTP requests in this frame
Frame:
https://t1.daumcdn.net/kas/static/safeframe.html
Frame ID: E75ABECFD0DAA072208A4AC48FDABDA0
Requests: 5 HTTP requests in this frame
Screenshot
Page Title
Daum 로그인Page URL History Show full URLs
-
https://t.ly/miwL
HTTP 302
https://count-aum-net.glitch.me/PASSWORD.html Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Title: DAUM
Search URL Search Domain Scan URL
Title: 회원가입
Search URL Search Domain Scan URL
Title: 아이디 찾기
Search URL Search Domain Scan URL
Title: 비밀번호 찾기
Search URL Search Domain Scan URL
Title: © Kakao Corp.
Search URL Search Domain Scan URL
Title: 고객센터
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://t.ly/miwL
HTTP 302
https://count-aum-net.glitch.me/PASSWORD.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 4- https://developers.kakao.com/sdk/js/kakao.min.js HTTP 301
- https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
PASSWORD.html
count-aum-net.glitch.me/ Redirect Chain
|
35 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pc.css
logins.daum.net/contents/min/css/ |
17 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
font_pc.css
logins.daum.net/contents/min/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-1.12.1.min.js
t1.daumcdn.net/id/statics/common/js-lib/ |
95 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie-1.3.1.min.js
t1.daumcdn.net/id/statics/common/js-lib/ |
1000 B 768 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
kakao.min.js
t1.kakaocdn.net/kakao_js_sdk/v1/ Redirect Chain
|
111 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-default.js
logins.daum.net/contents/min/js/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ad.min.js
t1.daumcdn.net/adfit/static/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
td.min.js
m1.daumcdn.net/tiara/js/ |
38 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo_daum.png
t1.daumcdn.net/id/logins/2020/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_login_201224.png
t1.daumcdn.net/id/logins/2020/ |
5 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ba.min.js
t1.daumcdn.net/kas/static/ |
188 KB 55 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
banner
display.ad.daum.net/sdk/ |
45 KB 18 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footsteps
track.tiara.daum.net/queen/ |
13 B 136 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
safeframe.html
t1.daumcdn.net/kas/static/ Frame E75A |
10 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3d63b29b4ba4724674d917cd731f46a9.jpg
t1.daumcdn.net/b2/creative/42016/ Frame E75A |
304 KB 305 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_arrow3.png
t1.daumcdn.net/biz/ui/ad/ Frame E75A |
366 B 550 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ico_adlogo2.png
t1.daumcdn.net/biz/ui/ad/ Frame E75A |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sync
webid.ad.daum.net/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
vimp
tr.ad.daum.net/ Frame E75A |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
footsteps
track.tiara.daum.net/queen/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webid.ad.daum.net
- URL
- https://webid.ad.daum.net/sync?v=0.0.1
- Domain
- tr.ad.daum.net
- URL
- https://tr.ad.daum.net/vimp?wa=bNfBLWkfmC_eIRIPgRWth9Rx57mGdWNmKn7XPzOiEiQ&enc=HmKPKaUvEPjEpcLHfs7rTbZrzwG2m-OK3KhLGxf86kfLRyx0gTsIJrc2qVcNwoJ4zzXDOdnMEfTHmhlcoP9fqs79QPsxShAhnDg-Ktmla2jAJXNXqUeWRXXF9B7dAdRWKS8WmbbTAo2rL2ZATZpF0Y5VZWjLidVdoGBiWzdDgPA2awJV3pMBhAvTlRG6XdYEfVWQCp2YrQGnph9lcZj0j14CbG8Z8IZLrbv1N7u5lOCvvrdWdMpMNTfgSLuWAgRYk24pwWWvHAxuHcVYpx-aacbEwM3cixwuuB-JrGFJxZeYHRSKkKj3eZV4ufKn9HoecySG7stoRI4MpAYDlvUrYJvOx-gwN3jIGXOuUdkT-ri68jCLK0maHQIcBloHi8af13p6_-XysazVr_8-MI-VGA&signature=87226334374d36dafbc5a16fda1fa126&lc=1
- Domain
- track.tiara.daum.net
- URL
- https://track.tiara.daum.net/queen/footsteps?dummy=1710360561602&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=%2B1&rand_id=1708490229163&pck=Y&puid=1708490229163&url=https%3A%2F%2Fcount-aum-net.glitch.me%2FPASSWORD.html
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Daum (Online)18 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery object| Kakao undefined| easyXDM object| daumlogin function| requestUpdateToken function| LoginTextField function| VirtualKeyView function| LoginForm function| toggleBodyClass function| rng_seed_int function| rng_seed_time function| pool_init object| _tiq object| __adfit__ object| regeneratorRuntime function| Jackdaw function| adfit5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
t.ly/ | Name: XSRF-TOKEN Value: eyJpdiI6InJZNTV5ZW5BVTJqS3E4MjNpNjlsZUE9PSIsInZhbHVlIjoicTEzVTJ3cWhRVW90QzVSeWlDQ3F1QlFPVDVtY1Y1bUJxZGYvZFVwYlVzc1JOYWlWUTduNEJKdlhhZWRBckJ3WExDQnd0bGsveXMwc2ZaMFpHMjlhbEJoWlNCWlVNY2ZPQkZaanEzUll2bHpPRnhpR2p1TnZiWFZlYjVYWGFGZ1AiLCJtYWMiOiI1MTJjYWE0NDdmNWNjZDQ2YWVmZWFjMWU4NzliMGMyYzliZDJlZmE0OTE1ZWNmOThhZjEyZDg5NDY2ZTdiODEzIiwidGFnIjoiIn0%3D |
|
t.ly/ | Name: tly_session Value: eyJpdiI6IjVuR1hPM1g5aGx2ZmVoZGhEeHQ5UUE9PSIsInZhbHVlIjoiV0E0bHUyODREOTdCZ0xEWXoyWUUwT3A0WjZSdTlWRWMrbjhqUXBCR3A2N01vb3lTS3BzN0hIeGVKSjRuV2dZMG9teEdQNThncVRrR1AyVkNVU1k4ZTZ2V2YzR0c5STdLU0FFZDJsZXVpYkh5QytZdUh1UHdrZ1JteWpnZVNieTEiLCJtYWMiOiIxY2ZlYzhlYjk0YWVjMDUyNTM3MmY0OTQ3ODk1Njc1YzJjMjgyY2VlMjQ0YmMzMzUxMGYyMGNkNjIzNDA3ODRlIiwidGFnIjoiIn0%3D |
|
count-aum-net.glitch.me/ | Name: adfit_sdk_id Value: 55f027f1-4517-4c43-9858-77edd5a44e73 |
|
.ad.daum.net/ | Name: aid Value: 3b1206776f454be1960d2132b17c4413 |
|
.ad.daum.net/ | Name: aid_ts Value: 1708490228794 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
count-aum-net.glitch.me
developers.kakao.com
display.ad.daum.net
logins.daum.net
m1.daumcdn.net
t.ly
t1.daumcdn.net
t1.kakaocdn.net
tr.ad.daum.net
track.tiara.daum.net
webid.ad.daum.net
tr.ad.daum.net
track.tiara.daum.net
webid.ad.daum.net
121.53.105.218
121.53.105.246
203.133.167.83
211.231.101.135
211.249.201.89
2606:4700:20::ac43:4b7a
2a02:26f0:480:e::210:f10b
2a02:26f0:480:e::210:f10d
34.207.50.50
10397020b18155c46f267362d8c811c2a787ccf57dc2b5412b509f0a8d8ec7fd
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
39d69cf5f42dd9f219d20d8d04f74bdc36be419a210b0605e93ebd0f30a6a401
45d365ea4ff8bc698f35b5401db26c95152a80a69a1364ee846cd5a7a2fa3369
50d4a8f26b0c851839a82ee89ac4cdbe92a520049d2cc005c45d04b872e6defe
50dcb8c700ad14b8f9e9b19712b94919087440f8df94b2bb374c64fe216e76b2
5ab4f05cbe1a5cf7b22b8609cefc5e0f09f8b8577fe9d9b2e775279045a027b4
6845a3538e9237f310d087c193a3626926bd22dd49041836614673b1fa553813
699296aee08ddf326ad1d78e099712b25e8053be8a0a621d02a96a66461dcf00
711cd936c4bfc11008e5319a7abbb55de63d07b4c5eaa0cc9d45d7baf63d3981
750c0c8f5484e0b7ca7c69f0f4ef3eb382dd96a133f24592a9bb23586290c08f
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
862ac7d051d7899c503883b2e48ccfd6d5a853c12a7a8800bc900a27106db351
c04d9f77fe3e2bb591495c7b2b5f02b16126d5079214fbd95637379b2bace310
c3104d6ca9faf32693df4ebddff1f20e854cf8221bbf645bc827b9d08a752c30
ddeb39e5ebe5da53e195eefb2b296d664dbe950b6edfbab2d772977be292f50f
e59bba1708d06698afe08ebc4c9ce3c9a14e1fca0d7826e824bd6ed04a153b54