storagesettings-aol.glitch.me

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 3 HTTP transactions. The main IP is 44.196.165.201, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is storagesettings-aol.glitch.me.

This is the only time storagesettings-aol.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: AOL (Online) Yahoo (Online)

Domain & IP information

	IP Address	AS Autonomous System
2	44.196.165.201 44.196.165.201	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
3	3

2 44.196.165.201 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-196-165-201.compute-1.amazonaws.com

storagesettings-aol.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

img.icons8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	glitch.me storagesettings-aol.glitch.me	55 KB
1	icons8.com img.icons8.com — Cisco Umbrella Rank: 31019	2 KB
3	2

	Domain	Requested by
2	storagesettings-aol.glitch.me	storagesettings-aol.glitch.me
1	img.icons8.com	storagesettings-aol.glitch.me
3	2

This site contains no links.

Subject Issuer	Validity	Valid
1004834818.rsc.cdn77.org R3	`2022-12-10` - `2023-03-10`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://storagesettings-aol.glitch.me/
Frame ID: A3F5CB2429AA1E7D3EFCB324C928ECC0
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

AOL

Page Statistics

3
Requests

33 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

58 kB
Transfer

73 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
storagesettings-aol.glitch.me/ 50 KB
51 KB 104ms
74ms Document
text/html 44.196.165.201
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: http://storagesettings-aol.glitch.me/
Protocol: HTTP/1.1
Server: 44.196.165.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-165-201.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b99602b8b8cbd4fcf01b69d5ce0db32f98302d75068e54fd23f675bd747c6e5a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 51520
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Dec 2022 15:09:09 GMT
accept-ranges: bytes
cache-control: no-cache
etag: "d2573b3a18e7c5f01fe0c8578e942480"
last-modified: Wed, 09 Nov 2022 07:15:52 GMT
server: AmazonS3
x-amz-id-2: cSSUie/219drAMIXFvYs0Or4vnG1o/coFkJE/U6y9w5TEbtqRaAeaQ0G84e+SzTDPKYa3x0Of8M=
x-amz-request-id: F7A1V8V3V3EZWJVZ
x-amz-version-id: Y6C_CIJuA6zbqq_TkBAaxzVg5tMYY.QJ

GET
H/1.1 200
OK style.css
storagesettings-aol.glitch.me/ 4 KB
5 KB 71ms
71ms Stylesheet
text/css 44.196.165.201
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: http://storagesettings-aol.glitch.me/style.css
Requested by: Host: storagesettings-aol.glitch.me
URL: http://storagesettings-aol.glitch.me/
Protocol: HTTP/1.1
Server: 44.196.165.201 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-196-165-201.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b682e25868088b29ee87376426bccd1172051f4828806a2679dd1138baaf7070

Request headers

accept-language: en-US,en;q=0.9
Referer: http://storagesettings-aol.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Date: Mon, 12 Dec 2022 15:09:10 GMT
x-amz-version-id: 3JBV63wBkF7WvQW3xAVEcX2a8iijeOTo
last-modified: Wed, 09 Nov 2022 07:15:52 GMT
server: AmazonS3
x-amz-request-id: KKTDTCDY33A54RD1
etag: "e721cb74e2fd144c777f54c7f6d40fe4"
Content-Type: text/css; charset=utf-8
cache-control: no-cache
Connection: keep-alive
accept-ranges: bytes
Content-Length: 4158
x-amz-id-2: Dhg2B1tufO4gcWVlGb+TXWdHvFDmt/yUrFFKTYZLqdS6cRWJrHxZxtv5s3OavxGBnJTcE01w9Nw=

GET
H2 200 google-logo.png
img.icons8.com/color/50/000000/ 2 KB
2 KB 90ms
19ms Image
image/png 2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Download Go to Show image

Full URL

https://img.icons8.com/color/50/000000/google-logo.png

Requested by

Host: storagesettings-aol.glitch.me
URL: http://storagesettings-aol.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

Software

CDN77-Turbo /

Resource Hash

95114cdd61002ac26d364a300477662892d1d2aaaa7665f4d0e18f99acc56f94

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: http://storagesettings-aol.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Mon, 12 Dec 2022 15:09:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
icon-id: 17949
memory-svg-cache: true
from-cache: false
from-svg-cache: true
x-dns-prefetch-control: off
icon-format: png
x-cache: HIT
x-77-cache: HIT
x-age: 235591
content-length: 1734
x-xss-protection: 1; mode=block
x-77-nzt: AZySJBZS9CjvR5gDAA
x-accel-expires: @1670924559
not-found-platform: false
icon-size: 50
last-modified: Fri, 09 Dec 2022 21:42:39 GMT
server: CDN77-Turbo
x-77-nzt-ray: 1e192d080ffe5a9a164497637e7f370e
x-download-options: noopen
content-type: image/png
access-control-allow-origin: *
memory-cache: true
access-control-expose-headers: Content-Disposition
cache-control: public, max-age=302400
accept-ranges: bytes
version: 0.1.0-SNAPSHOT.20221127205645739

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f3e22262b472ee52e51e9f053856daf9a3f7ce59dd66d51f201f1ee7faaf5690

Request headers

accept-language: en-US,en;q=0.9
Referer: http://storagesettings-aol.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338

Request headers

accept-language: en-US,en;q=0.9
Referer: http://storagesettings-aol.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.98 Safari/537.36

Response headers

Content-Type: image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: AOL (Online) Yahoo (Online)

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.icons8.com
storagesettings-aol.glitch.me
2a02:6ea0:c400::11
44.196.165.201
0fdefe26bac6a6b0b06fe67984582f887af70b7da25d6cb1b401f9074db58338
95114cdd61002ac26d364a300477662892d1d2aaaa7665f4d0e18f99acc56f94
b682e25868088b29ee87376426bccd1172051f4828806a2679dd1138baaf7070
b99602b8b8cbd4fcf01b69d5ce0db32f98302d75068e54fd23f675bd747c6e5a
f3e22262b472ee52e51e9f053856daf9a3f7ce59dd66d51f201f1ee7faaf5690

storagesettings-aol.glitch.me Open in urlscan Pro 44.196.165.201 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

3 Requests

33 %HTTPS

50 %IPv6

2 Domains

2 Subdomains

3 IPs

1 Countries

58 kBTransfer

73 kBSize

0 Cookies

0 Outgoing links

Redirected requests

3 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

1 JavaScript Global Variables

0 Cookies

Indicators

storagesettings-aol.glitch.me Open in urlscan Pro
44.196.165.201 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

3
Requests

33 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

58 kB
Transfer

73 kB
Size

0
Cookies

3 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!