![](/screenshots/b47a0be1-a6e7-4522-bf5a-eb791dea7cb0.png)
concrete-buffers.glitch.me
Open in
urlscan Pro
44.198.62.156
Malicious Activity!
Public Scan
Submission: On July 28 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.
This is the only time concrete-buffers.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Microsoft (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 44.198.62.156 44.198.62.156 | 14618 (AMAZON-AES) (AMAZON-AES) | |
2 | 2a00:1450:400... 2a00:1450:4001:830::200a | 15169 (GOOGLE) (GOOGLE) | |
2 | 2606:4700::68... 2606:4700::6810:5714 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700::68... 2606:4700::6810:7aaf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 2606:4700:10:... 2606:4700:10::6816:8a7 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3031::ac43:8aa8 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2001:4de0:ac1... 2001:4de0:ac18::1:a:3b | 20446 (STACKPATH...) (STACKPATH-CDN) | |
2 | 2606:2800:233... 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef | 15133 (EDGECAST) (EDGECAST) | |
3 | 2620:1ec:46::44 2620:1ec:46::44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 104.237.62.211 104.237.62.211 | 18450 (WEBNX) (WEBNX) | |
1 | 2a06:98c1:312... 2a06:98c1:3120::3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
21 | 12 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-198-62-156.compute-1.amazonaws.com
concrete-buffers.glitch.me |
ASN15133 (EDGECAST, US)
aadcdn.msftauth.net |
ASN18450 (WEBNX, US)
PTR: hosted-by.racknerd.com
api.ipify.org |
Apex Domain Subdomains |
Transfer | |
---|---|---|
3 |
msauth.net
aadcdn.msauth.net — Cisco Umbrella Rank: 1078 |
3 KB |
2 |
msftauth.net
aadcdn.msftauth.net — Cisco Umbrella Rank: 1103 |
3 KB |
2 |
friendlycaptcha.com
api.friendlycaptcha.com — Cisco Umbrella Rank: 211393 |
216 B |
2 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 361 |
25 KB |
2 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 409 |
61 KB |
1 |
homecar4all.org
homecar4all.org |
538 B |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2750 |
224 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 754 |
66 KB |
1 |
eevilcorp.online
eevilcorp.online |
9 KB |
1 |
unpkg.com
unpkg.com — Cisco Umbrella Rank: 1022 |
16 KB |
1 |
glitch.me
concrete-buffers.glitch.me |
2 KB |
21 | 11 |
Domain | Requested by | |
---|---|---|
3 | aadcdn.msauth.net | |
2 | aadcdn.msftauth.net | |
2 | api.friendlycaptcha.com |
unpkg.com
|
2 | cdn.jsdelivr.net |
concrete-buffers.glitch.me
ajax.googleapis.com |
2 | ajax.googleapis.com |
concrete-buffers.glitch.me
ajax.googleapis.com |
1 | homecar4all.org |
ajax.googleapis.com
|
1 | api.ipify.org |
ajax.googleapis.com
|
1 | code.jquery.com |
ajax.googleapis.com
|
1 | eevilcorp.online |
ajax.googleapis.com
|
1 | unpkg.com |
concrete-buffers.glitch.me
|
1 | concrete-buffers.glitch.me | |
21 | 11 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
glitch.com Amazon RSA 2048 M01 |
2023-02-22 - 2024-02-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
friendlycaptcha.com Cloudflare Inc ECC CA-3 |
2022-09-26 - 2023-09-26 |
a year | crt.sh |
eevilcorp.online GTS CA 1P5 |
2023-06-03 - 2023-09-01 |
3 months | crt.sh |
*.jquery.com Sectigo RSA Domain Validation Secure Server CA |
2023-07-11 - 2024-07-14 |
a year | crt.sh |
aadcdn.msftauth.net DigiCert SHA2 Secure Server CA |
2023-01-31 - 2024-01-31 |
a year | crt.sh |
aadcdn.msauth.net DigiCert SHA2 Secure Server CA |
2023-04-28 - 2024-04-28 |
a year | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
homecar4all.org GTS CA 1P5 |
2023-07-07 - 2023-10-05 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://concrete-buffers.glitch.me/
Frame ID: 84ECA2732602EA3F0AA97B726C9C0B5B
Requests: 20 HTTP requests in this frame
Screenshot
![](/screenshots/b47a0be1-a6e7-4522-bf5a-eb791dea7cb0.png)
Page Title
DocumentSign in to continueDetected technologies
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Detected patterns
- ([\d.]+)/jquery-ui(?:\.min)?\.js
- jquery-ui.*\.js
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
concrete-buffers.glitch.me/ |
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ |
87 KB 31 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
cdn.jsdelivr.net/npm/axios/dist/ |
31 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.module.min.js
unpkg.com/friendly-challenge@0.9.11/ |
40 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
puzzle
api.friendlycaptcha.com/api/v1/ |
114 B 216 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
puzzle
api.friendlycaptcha.com/api/v1/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
af43e79a-70af-449c-a69b-dce54eeeb3db
https://concrete-buffers.glitch.me/ |
10 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
b2a3856c-a4d9-4436-b37a-7274386fb25e
https://concrete-buffers.glitch.me/ |
10 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
e8e1ce9a-b414-4610-87f9-6a84b09074de
https://concrete-buffers.glitch.me/ |
10 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
424b6dd6-40d2-4e43-afc1-7e7ef4a45638
https://concrete-buffers.glitch.me/ |
10 KB 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
generator
eevilcorp.online/ |
39 KB 9 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ |
87 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-ui.min.js
code.jquery.com/ui/1.13.2/ |
249 KB 66 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
axios.min.js
cdn.jsdelivr.net/npm/axios/dist/ |
31 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg
aadcdn.msftauth.net/shared/1.0/content/images/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
513 B 797 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
250 B 720 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg
aadcdn.msauth.net/shared/1.0/content/images/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2_bc3d32a696895f78c19df6c717586a5d.svg
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/ |
2 KB 824 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
24 B 224 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
open
homecar4all.org/activity/ |
31 B 538 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Microsoft (Consumer)8 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| axios function| myCallback object| friendlyChallenge function| loading function| done_loading function| reset_inputs_and_errors0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aadcdn.msauth.net
aadcdn.msftauth.net
ajax.googleapis.com
api.friendlycaptcha.com
api.ipify.org
cdn.jsdelivr.net
code.jquery.com
concrete-buffers.glitch.me
eevilcorp.online
homecar4all.org
unpkg.com
104.237.62.211
2001:4de0:ac18::1:a:3b
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2606:4700:10::6816:8a7
2606:4700:3031::ac43:8aa8
2606:4700::6810:5714
2606:4700::6810:7aaf
2620:1ec:46::44
2a00:1450:4001:830::200a
2a06:98c1:3120::3
44.198.62.156
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
1206c115332539c74da9e3e501aeb2f8bf6fae72f41d280dce782f9a06afe987
1e268be3e9581d9d052cf75c28ec41a1308466b155cc1a22b6353ecd6b6a3224
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3abf9881e4ee4756b27d994b8854d9baa1fb6c24bbe54850921a00584f81a07d
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
6eb1c21407380f11961a9dc559b6db8e945edf3d10c289778306e7bf0fac4c41
6f68153f638155eb464c6170752aaef22b5774877b3b74c8d7d0d06189247ed1
7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9bdbbe1644cde127547093ec23761f0cd416230df61b59197c6574ab3cfb4724
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e