brawny-heady-marshmallow.glitch.me Open in urlscan Pro
52.203.115.64 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://brawny-heady-marshmallow.glitch.me/ghtvb.html#redacted@abuse.ionos.com
Effective URL:
https://brawny-heady-marshmallow.glitch.me/ghtvb.html
Submission: On February 21 via automatic, source phishtank (February 21st 2023, 9:06:58 pm UTC) — Scanned from DE

Summary HTTP 17 Redirects Links 17 Behaviour Indicators

Summary

This website contacted 6 IPs in 2 countries across 6 domains to perform 17 HTTP transactions. The main IP is 52.203.115.64, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is brawny-heady-marshmallow.glitch.me.
TLS certificate: Issued by Amazon on January 2nd 2023. Valid for: a year.

This is the only time brawny-heady-marshmallow.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: 1&1 Ionos (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
2	52.203.115.64 52.203.115.64	14618 (AMAZON-AES) (AMAZON-AES)
8	198.54.116.150 198.54.116.150	22612 (NAMECHEAP...) (NAMECHEAP-NET)
5	213.165.66.58 213.165.66.58	8560 (IONOS-AS ...) (IONOS-AS This is the joint network for IONOS)
1 1	2a06:98c1:312... 2a06:98c1:3121::c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
1 1	52.84.106.55 52.84.106.55	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.45 18.66.97.45	16509 (AMAZON-02) (AMAZON-02)
17	6

2 52.203.115.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-115-64.compute-1.amazonaws.com

brawny-heady-marshmallow.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 198.54.116.150 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: server210-5.web-hosting.com

appmedia.host	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 213.165.66.58 (Germany)

ASN8560 (IONOS-AS This is the joint network for IONOS, Fasthosts, Arsys, 1&1 Mail and Media and 1&1 Telecom. Formerly known as 1&1 Internet SE., DE)
PTR: ce1.uicdn.net

ce1.uicdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cloud.webtype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.91 (United States) 1 redirects

ASN54113 (FASTLY, US)

cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.84.106.55 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-84-106-55.bud50.r.cloudfront.net

cdn.glitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.45 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-45.fra56.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	appmedia.host appmedia.host	72 KB
5	uicdn.net ce1.uicdn.net — Cisco Umbrella Rank: 112445	258 KB
3	glitch.me brawny-heady-marshmallow.glitch.me cdn.glitch.me — Cisco Umbrella Rank: 100931	208 KB
2	typenetwork.com 1 redirects cloud.typenetwork.com — Cisco Umbrella Rank: 24234	2 KB
1	glitch.com 1 redirects cdn.glitch.com — Cisco Umbrella Rank: 110972	461 B
1	webtype.com 1 redirects cloud.webtype.com — Cisco Umbrella Rank: 57715	511 B
17	6

	Domain	Requested by
8	appmedia.host	brawny-heady-marshmallow.glitch.me
5	ce1.uicdn.net	appmedia.host
2	cloud.typenetwork.com	1 redirects brawny-heady-marshmallow.glitch.me
2	brawny-heady-marshmallow.glitch.me	appmedia.host
1	cdn.glitch.me	brawny-heady-marshmallow.glitch.me
1	cdn.glitch.com	1 redirects
1	cloud.webtype.com	1 redirects
17	7

This site contains links to these domains. Also see Links.

Domain
www.ionos.co.uk
contact.ionos.co.uk
ias.ionos.co.uk
my.ionos.co.uk
hidrive.ionos.com
archive.ionos.co.uk
www.ionos-status.co.uk

Subject Issuer	Validity	Valid
glitch.com Amazon	`2023-01-02` - `2024-02-01`	a year	crt.sh
appmedia.host Sectigo RSA Domain Validation Secure Server CA	`2022-11-20` - `2023-11-20`	a year	crt.sh
ce1.uicdn.net GeoTrust RSA CA 2018	`2022-03-01` - `2023-03-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://brawny-heady-marshmallow.glitch.me/ghtvb.html
Frame ID: 0A17D8B21E14F417DC30E64BBF5D3926
Requests: 15 HTTP requests in this frame

Frame: https://brawny-heady-marshmallow.glitch.me/robots.txt
Frame ID: 1F3BD76CA7A4D70D0FAC1C0DB6AA1326
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Webmail Login | IONOS by 1&1

Page Statistics

17
Requests

88 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

540 kB
Transfer

825 kB
Size

0
Cookies

17 Outgoing links

These are links going to different origins than the main page.

URL: https://www.ionos.co.uk/
Title: Webmail

Search URL Search Domain Scan URL

URL: https://contact.ionos.co.uk/contact?linkid=nav.top.support.Overlay

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2327&utm_term=2327&utm_campaign=forgotpw&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Forgot your password?

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=4083&utm_term=4083&utm_campaign=staysignedin&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=flyin
Title: Remember me

Search URL Search Domain Scan URL

URL: https://ias.ionos.co.uk/ias/follow/CLICK?ias_source=WEBMAILER-UK&ias_medium=login-webmailer_login&ias_content=WEBMAIL_LOGIN_TEASER_MAIL_ARCHIVING-DEFAULT&ias_campaign=&target=https%3A%2F%2Fwww.ionos.co.uk%2Foffice-solutions%2Femail-archiving-bk%3Fac%3DOM.UK.UK263K417284T7073a%26utm_source%3Dwebmail%26utm_medium%3Dlogin%26utm_campaign%3Darchivingpush%26utm_content%3Demailarchiving
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2442&utm_term=2442&utm_campaign=mobile-ios&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: iOS

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2444&utm_term=2444&utm_campaign=mobile-android&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Android

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2436&utm_term=2436&utm_campaign=desktop-thunderbird&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Thunderbird

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2462&utm_term=2462&utm_campaign=desktop-outlook&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Outlook

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2445&utm_term=2445&utm_campaign=desktop-applemail&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: Apple Mail

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/help/index.php?id=2490&utm_term=2490&utm_campaign=other-assistants&utm_medium=help-and-learn&utm_source=login_frontend_hosting&utm_content=article
Title: email programs (POP/IMAP)

Search URL Search Domain Scan URL

URL: https://my.ionos.co.uk/
Title: My IONOS

Search URL Search Domain Scan URL

URL: https://hidrive.ionos.com/
Title: HiDrive

Search URL Search Domain Scan URL

URL: https://archive.ionos.co.uk/
Title: Email archiving

Search URL Search Domain Scan URL

URL: https://www.ionos-status.co.uk/?utm_medium=footer&utm_content=none&utm_source=WEBMAIL_LOGIN&utm_campaign=login&utm_term=no_search
Title: All Systems Operational

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/about
Title: 1&1 IONOS Ltd. • 2020

Search URL Search Domain Scan URL

URL: https://www.ionos.co.uk/terms-gtc/terms-privacy/
Title: Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15

https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP 301
https://cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP 301
https://cloud.typenetwork.com/projects/5027/fontface.css/

Request Chain 16

https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593 HTTP 301
https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png

17 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request ghtvb.html Show response
brawny-heady-marshmallow.glitch.me/ 37 KB
37 KB 372ms
153ms Document
text/html 52.203.115.64
AMAZON-AES

General

brawny-heady-marshmallow.glitch.me Open in urlscan Pro 52.203.115.64 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

17 Requests

88 %HTTPS

14 %IPv6

6 Domains

7 Subdomains

6 IPs

2 Countries

540 kBTransfer

825 kBSize

0 Cookies

17 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

36 JavaScript Global Variables

0 Cookies

1 Console Messages

Indicators

brawny-heady-marshmallow.glitch.me Open in urlscan Pro
52.203.115.64 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

17
Requests

88 %
HTTPS

14 %
IPv6

6
Domains

7
Subdomains

6
IPs

2
Countries

540 kB
Transfer

825 kB
Size

0
Cookies

17 HTTP transactions
1 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!