concrete-buffers.glitch.me Open in urlscan Pro
44.198.62.156  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response concrete-buffers.glitch.me/	2 KB 2 KB	396ms 161ms	Document text/html	44.198.62.156 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://concrete-buffers.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 44.198.62.156 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-44-198-62-156.compute-1.amazonaws.com Software AmazonS3 / Resource Hash 1e268be3e9581d9d052cf75c28ec41a1308466b155cc1a22b6353ecd6b6a3224 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes cache-control no-cache content-length 1574 content-type text/html; charset=utf-8 date Fri, 28 Jul 2023 01:16:07 GMT etag "f51434ac855aaf41eba918a14e4a5767" last-modified Wed, 26 Jul 2023 06:52:50 GMT server AmazonS3 x-amz-id-2 HnGt+oLH2HwGSYQVt9/Gdx4Jirn4KiuWie4a2caZ8ob4J6n6+OHp57UPbT0+GYE3nmP36aRhuHI= x-amz-request-id NCEEP7Y00KET0GF1 x-amz-server-side-encryption AES256 x-amz-version-id A546CF0Tj5LX5oSsPRpt77x3w4j3gHa1
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 31 KB	71ms 21ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: concrete-buffers.glitch.me URL: https://concrete-buffers.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 08:01:11 GMT content-encoding gzip x-content-type-options nosniff age 62096 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 26 Jul 2024 08:01:11 GMT
GET H2	200	axios.min.js Show response cdn.jsdelivr.net/npm/axios/dist/	31 KB 13 KB	74ms 29ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js Requested by Host: concrete-buffers.glitch.me URL: https://concrete-buffers.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 01:16:07 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24592 x-jsd-version 1.4.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230021-FRA, cache-yyz4532-YYZ x-jsd-version-type version server cloudflare etag W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vxw6L%2BKgY98F6azS6Stg5Tn%2BBxK%2BCv1W5jpA%2FXAQXm28n6WTaPqmQCycfjBhJHfFfbBsItSnRcLcsYyoNQpXEeQgH7TqjcYs2Y7RfFzEVs96bYuzg9dHiz5W0zfoVY40oa5knXqqPm%2F7l8BJ1us%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7ed94660cb008ffa-FRA
GET H2	200	widget.module.min.js Show response unpkg.com/friendly-challenge@0.9.11/	40 KB 16 KB	81ms 30ms	Script application/javascript	2606:4700::6810:7aaf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://unpkg.com/friendly-challenge@0.9.11/widget.module.min.js Requested by Host: concrete-buffers.glitch.me URL: https://concrete-buffers.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:7aaf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9bdbbe1644cde127547093ec23761f0cd416230df61b59197c6574ab3cfb4724 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://concrete-buffers.glitch.me/ Origin https://concrete-buffers.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 01:16:07 GMT via 1.1 fly.io x-content-type-options nosniff cf-cache-status HIT content-encoding br strict-transport-security max-age=31536000; includeSubDomains; preload age 1541835 last-modified Sat, 26 Oct 1985 08:15:00 GMT fly-request-id 01H4Z2NBTP5PBSM730QRGFAM6J-fra server cloudflare etag W/"9f41-obXwubFirJgj1uhXtPJnQpRZU38" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000 cf-ray 7ed94660da6b4da6-FRA
GET H2	200	puzzle Show response api.friendlycaptcha.com/api/v1/	114 B 216 B	59ms 58ms	Fetch application/json	2606:4700:10::6816:8a7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.friendlycaptcha.com/api/v1/puzzle?sitekey=FCML51M1LJ6DRRVM Requested by Host: unpkg.com URL: https://unpkg.com/friendly-challenge@0.9.11/widget.module.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:8a7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6eb1c21407380f11961a9dc559b6db8e945edf3d10c289778306e7bf0fac4c41 Request headers Referer https://concrete-buffers.glitch.me/ x-frc-client js-0.9.11 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 01:16:07 GMT content-encoding gzip accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Model,Sec-CH-UA-Mobile,viewport-width,dpr,device-memory,rtt,downlink,ect server cloudflare vary Accept-Encoding content-type application/json access-control-allow-origin https://concrete-buffers.glitch.me cf-ray 7ed94661deb492ab-FRA
OPTIONS H2	204	puzzle api.friendlycaptcha.com/api/v1/	0 0	83ms 29ms	Preflight	2606:4700:10::6816:8a7 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://api.friendlycaptcha.com/api/v1/puzzle?sitekey=FCML51M1LJ6DRRVM Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::6816:8a7 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Accept */* Access-Control-Request-Headers x-frc-client Access-Control-Request-Method GET Origin https://concrete-buffers.glitch.me Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers accept-ch Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Model,Sec-CH-UA-Mobile,viewport-width,dpr,device-memory,rtt,downlink,ect access-control-allow-headers Origin,X-Requested-With,Accept,Content-Type,X-Frc-Client,Traceparent,Tracestate access-control-allow-methods GET,HEAD,POST,OPTIONS access-control-allow-origin https://concrete-buffers.glitch.me access-control-max-age 3600 cf-ray 7ed94661ae9992ab-FRA date Fri, 28 Jul 2023 01:16:07 GMT server cloudflare vary Accept-Encoding
GET BLOB	200 OK	af43e79a-70af-449c-a69b-dce54eeeb3db https://concrete-buffers.glitch.me/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://concrete-buffers.glitch.me/af43e79a-70af-449c-a69b-dce54eeeb3db Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 9966 Content-Type text/javascript
GET BLOB	200 OK	b2a3856c-a4d9-4436-b37a-7274386fb25e https://concrete-buffers.glitch.me/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://concrete-buffers.glitch.me/b2a3856c-a4d9-4436-b37a-7274386fb25e Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 9966 Content-Type text/javascript
GET BLOB	200 OK	e8e1ce9a-b414-4610-87f9-6a84b09074de https://concrete-buffers.glitch.me/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://concrete-buffers.glitch.me/e8e1ce9a-b414-4610-87f9-6a84b09074de Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 9966 Content-Type text/javascript
GET BLOB	200 OK	424b6dd6-40d2-4e43-afc1-7e7ef4a45638 https://concrete-buffers.glitch.me/	10 KB 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://concrete-buffers.glitch.me/424b6dd6-40d2-4e43-afc1-7e7ef4a45638 Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Content-Length 9966 Content-Type text/javascript
POST H2	200	generator Show response eevilcorp.online/	39 KB 9 KB	163ms 91ms	XHR application/json	2606:4700:3031::ac43:8aa8 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://eevilcorp.online/generator?table=8&meme=L-00088&peer=high_2fa Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3031::ac43:8aa8 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 1206c115332539c74da9e3e501aeb2f8bf6fae72f41d280dce782f9a06afe987 Request headers Accept */* Referer https://concrete-buffers.glitch.me/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Content-Type application/x-www-form-urlencoded; charset=UTF-8 Response headers date Fri, 28 Jul 2023 01:16:09 GMT content-encoding br cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"9aa9-Z6HpNZ6v/BEj6qbpQKJgn/NajJA" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q6yw0VqB%2FJyNYAl%2B8%2FyQiZbsUsA7aJQJbvYynyewVI0D4vwch%2Fcb9Nj%2BZUIgcUrY4alLrnEdVliOywThMCZKzAjBizBd9zqvJ8ewSJ6FRaPENIqk1PLXv1bQcenbsr9VOptpc9OMjMURTXhmi%2B0W"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 7ed9466d3ed939eb-FRA alt-svc h3=":443"; ma=86400
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.6.0/	87 KB 30 KB	24ms 22ms	Script text/javascript	2a00:1450:4001:830::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Thu, 27 Jul 2023 08:01:11 GMT content-encoding gzip x-content-type-options nosniff age 62098 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31017 x-xss-protection 0 last-modified Wed, 10 Mar 2021 14:28:09 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Fri, 26 Jul 2024 08:01:11 GMT
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.13.2/	249 KB 66 KB	85ms 24ms	Script application/javascript	2001:4de0:ac18::1:a:3b STACKPATH-CDN
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.13.2/jquery-ui.min.js Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:3b , Netherlands, ASN20446 (STACKPATH-CDN, US), Reverse DNS Software nginx / Resource Hash 9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 01:16:09 GMT content-encoding gzip last-modified Sun, 04 Dec 2022 10:56:54 GMT server nginx etag W/"638c7cf6-3e46c" vary Accept-Encoding x-hw 1690506969.dop272.fr8.t,1690506969.cds122.fr8.hn,1690506969.cds270.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 67628
GET H2	200	axios.min.js Show response cdn.jsdelivr.net/npm/axios/dist/	31 KB 12 KB	31ms 29ms	Script application/javascript	2606:4700::6810:5714 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/axios/dist/axios.min.js Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 01:16:09 GMT strict-transport-security max-age=31536000; includeSubDomains; preload x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 24594 x-jsd-version 1.4.0 content-encoding br x-cache HIT, HIT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 x-served-by cache-fra-eddf8230021-FRA, cache-yyz4532-YYZ x-jsd-version-type version server cloudflare etag W/"7c62-l4FP2rZKp9GzDwgvnrJy1LHOGKI" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9hrRZkouTC5ggNZfianyKr6mI8HqMNVY25OPt7Mn8%2FAyERmDlEavBYTbnjVk%2BQlAodH83cGI096bvFqrnwL1eRxL0mgvoC0S21p3IWUmQ0uMVk6Y841YHrrKQkMgG0TEdMdmF7GchLuqpbqbbTY%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * access-control-expose-headers * cache-control public, max-age=604800, s-maxage=43200 timing-allow-origin * cf-ray 7ed9466e2a498ffa-FRA
GET H2	200	microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg aadcdn.msftauth.net/shared/1.0/content/images/	4 KB 2 KB	107ms 22ms	Image image/svg+xml	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/microsoft_logo_ee5c8d9fb6248c938fd0dc19370e90bd.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4CFA) / Resource Hash 04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 28 Jul 2023 01:16:09 GMT content-encoding gzip content-md5 nzaLxFgP7ZB3dfMcaybWzw== age 27306336 x-cache HIT content-length 1435 x-ms-lease-status unlocked last-modified Thu, 16 Jan 2020 00:32:52 GMT server ECAcc (frc/4CFA) etag 0x8D79A1B9F5E121A vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id e0c1be84-e01e-005d-7397-c8af81000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg aadcdn.msauth.net/shared/1.0/content/images/	513 B 797 B	116ms 24ms	Image image/svg+xml	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/arrow_left_a9cc2824ef3517b6c4160dcf8ff7d410.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58 Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 28 Jul 2023 01:16:09 GMT content-encoding gzip x-cache TCP_HIT content-length 276 x-ms-lease-status unlocked last-modified Fri, 17 Jan 2020 19:28:34 GMT etag 0x8D79B8371B97A82 x-azure-ref 20230728T011609Z-nmnky7a0xh1d38gs8y53kchgmg00000000m0000000021rtf content-type image/svg+xml access-control-allow-origin * x-ms-request-id 43061a29-601e-0005-4ea3-bfb079000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg aadcdn.msauth.net/shared/1.0/content/images/	250 B 720 B	116ms 24ms	Image image/svg+xml	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_sms_27a6d18b56f46818420e60a773c36d4e.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904 Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 28 Jul 2023 01:16:09 GMT content-encoding gzip x-cache TCP_HIT content-length 199 x-ms-lease-status unlocked last-modified Fri, 17 Jan 2020 19:28:39 GMT etag 0x8D79B8374CE7F93 x-azure-ref 20230728T011609Z-nmnky7a0xh1d38gs8y53kchgmg00000000m0000000021rtg content-type image/svg+xml access-control-allow-origin * x-ms-request-id 0ce97511-d01e-0016-2b54-ba7d5d000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg aadcdn.msauth.net/shared/1.0/content/images/	3 KB 2 KB	116ms 25ms	Image image/svg+xml	2620:1ec:46::44 MICROSOFT-CORP-MS...
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msauth.net/shared/1.0/content/images/picker_verify_call_fe87496cc7a44412f7893a72099c120a.svg Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2620:1ec:46::44 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US), Reverse DNS Software / Resource Hash 55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1 Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 28 Jul 2023 01:16:09 GMT content-encoding gzip x-cache TCP_HIT content-length 1173 x-ms-lease-status unlocked last-modified Fri, 17 Jan 2020 19:28:39 GMT etag 0x8D79B83749623C9 x-azure-ref 20230728T011609Z-nmnky7a0xh1d38gs8y53kchgmg00000000m0000000021rth content-type image/svg+xml access-control-allow-origin * x-ms-request-id cdc4830a-201e-0055-58f3-bdd34a000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H2	200	2_bc3d32a696895f78c19df6c717586a5d.svg aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/	2 KB 824 B	106ms 24ms	Image image/svg+xml	2606:2800:233:78b9:f44e:2c1f:31aa:d9ef EDGECAST
General Check archive.org Show headers Download Go to Show image Full URL https://aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_bc3d32a696895f78c19df6c717586a5d.svg Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2606:2800:233:78b9:f44e:2c1f:31aa:d9ef , United States, ASN15133 (EDGECAST, US), Reverse DNS Software ECAcc (frc/4D03) / Resource Hash 0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68 Request headers accept-language de-DE,de;q=0.9 Referer https://concrete-buffers.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers x-ms-blob-type BlockBlob date Fri, 28 Jul 2023 01:16:09 GMT content-encoding gzip content-md5 DhdidjYrlCeaRJJRG/y9mA== age 12385929 x-cache HIT content-length 673 x-ms-lease-status unlocked last-modified Wed, 12 Feb 2020 22:01:50 GMT server ECAcc (frc/4D03) etag 0x8D7B007297AE131 vary Accept-Encoding content-type image/svg+xml access-control-allow-origin * x-ms-request-id a77b3f3b-101e-0026-464a-504615000000 access-control-expose-headers x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding cache-control public, max-age=31536000 x-ms-version 2009-09-19 accept-ranges bytes
GET H/1.1	200 OK	/ Show response api.ipify.org/	24 B 224 B	527ms 169ms	XHR application/json	104.237.62.211 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US), Reverse DNS hosted-by.racknerd.com Software nginx/1.25.1 / Resource Hash 6f68153f638155eb464c6170752aaef22b5774877b3b74c8d7d0d06189247ed1 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://concrete-buffers.glitch.me/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers Access-Control-Allow-Origin * Date Fri, 28 Jul 2023 01:16:09 GMT Server nginx/1.25.1 Connection keep-alive Content-Length 24 Vary Origin Content-Type application/json
GET H2	201	open Show response homecar4all.org/activity/	31 B 538 B	502ms 329ms	XHR application/json	2a06:98c1:3120::3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://homecar4all.org/activity/open?file_name=L-00088&ip_address=217.114.215.131 Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Express Resource Hash 3abf9881e4ee4756b27d994b8854d9baa1fb6c24bbe54850921a00584f81a07d Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://concrete-buffers.glitch.me/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36 Response headers date Fri, 28 Jul 2023 01:16:10 GMT cf-cache-status DYNAMIC nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare x-powered-by Express etag W/"1f-QPP/sbeX5xV2RVuC+IKzCw/2HHQ" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gMIBSKfGmFPWB0BCnNefXJJmiPF%2BK6%2FZ01DVSmGY4lgm%2B4oF5HX7pr8j%2Bd28LFZMCqx6vVxcp3Mh5DeGlFVzflrlY540rFodai1OjDOfxfF0g8%2F6sRZ%2FWRQDHW0nakxPPx%2BgsECN%2BO9P47Sdlvc%3D"}],"group":"cf-nel","max_age":604800} content-type application/json; charset=utf-8 access-control-allow-origin * cf-ray 7ed94672bfe82c3f-FRA alt-svc h3=":443"; ma=86400 content-length 31

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| axios function| myCallback object| friendlyChallenge function| loading function| done_loading function| reset_inputs_and_errors

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aadcdn.msauth.net
aadcdn.msftauth.net
ajax.googleapis.com
api.friendlycaptcha.com
api.ipify.org
cdn.jsdelivr.net
code.jquery.com
concrete-buffers.glitch.me
eevilcorp.online
homecar4all.org
unpkg.com
104.237.62.211
2001:4de0:ac18::1:a:3b
2606:2800:233:78b9:f44e:2c1f:31aa:d9ef
2606:4700:10::6816:8a7
2606:4700:3031::ac43:8aa8
2606:4700::6810:5714
2606:4700::6810:7aaf
2620:1ec:46::44
2a00:1450:4001:830::200a
2a06:98c1:3120::3
44.198.62.156
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
0e88b6fcbb8591edfd28184fa70a04b6dd3af8a14367c628edd7caba32e58c68
1206c115332539c74da9e3e501aeb2f8bf6fae72f41d280dce782f9a06afe987
1e268be3e9581d9d052cf75c28ec41a1308466b155cc1a22b6353ecd6b6a3224
34f9db946e89f031a80dfca7b16b2b686469c9886441261ae70a44da1dfa2d58
3abf9881e4ee4756b27d994b8854d9baa1fb6c24bbe54850921a00584f81a07d
55ce3b0ce5bc71339308107982cd7671f96014256ded0be36dc8062e64c847f1
6eb1c21407380f11961a9dc559b6db8e945edf3d10c289778306e7bf0fac4c41
6f68153f638155eb464c6170752aaef22b5774877b3b74c8d7d0d06189247ed1
7960db13ff5efb8230f30a1982d0326f5f7ad14cce9b8cae89c411421cfb8e20
8ed8f3acb9b87f99e42c74463d4e2be96ee85b8a87cd6eb874295ace420a5904
9528ca634fecad433d044ddd3e6f9ce1f068d5d932dafdbb19d8e6daea1968bd
9bdbbe1644cde127547093ec23761f0cd416230df61b59197c6574ab3cfb4724
fd4ce12a87594281afcee9c73a40fe7acc282bcc9e764fbb3afa1481a96a091e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e