quickaccessjkhehkbhyzx.web.app
Open in
urlscan Pro
151.101.65.195
Malicious Activity!
Public Scan
Submission: On April 14 via manual from DE
Summary
TLS certificate: Issued by GTS CA 1D4 on March 17th 2021. Valid for: 3 months.
This is the only time quickaccessjkhehkbhyzx.web.app was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Generic Email (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 151.101.65.195 151.101.65.195 | 54113 (FASTLY) (FASTLY) | |
7 | 34.228.50.232 34.228.50.232 | 14618 (AMAZON-AES) (AMAZON-AES) | |
11 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-228-50-232.compute-1.amazonaws.com
basalt-bush-zydeco.glitch.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
7 |
glitch.me
basalt-bush-zydeco.glitch.me |
315 KB |
1 |
web.app
quickaccessjkhehkbhyzx.web.app |
5 KB |
11 | 2 |
Domain | Requested by | |
---|---|---|
7 | basalt-bush-zydeco.glitch.me |
quickaccessjkhehkbhyzx.web.app
basalt-bush-zydeco.glitch.me |
1 | quickaccessjkhehkbhyzx.web.app | |
11 | 2 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
web.app GTS CA 1D4 |
2021-03-17 - 2021-06-15 |
3 months | crt.sh |
glitch.com Amazon |
2021-01-18 - 2022-02-15 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://quickaccessjkhehkbhyzx.web.app/
Frame ID: 83E8AA17547373617B55D366ACAE08BF
Requests: 12 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
11 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
quickaccessjkhehkbhyzx.web.app/ |
14 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.css
basalt-bush-zydeco.glitch.me/ |
141 KB 142 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
basalt-bush-zydeco.glitch.me/ |
1 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.css
basalt-bush-zydeco.glitch.me/ |
30 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
basalt-bush-zydeco.glitch.me/ |
2 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
basalt-bush-zydeco.glitch.me/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.js
basalt-bush-zydeco.glitch.me/ |
50 KB 50 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstraps.js
basalt-bush-zydeco.glitch.me/ |
4 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
884 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontawesome-webfont.woff2
basalt-bush-zydeco.glitch.me/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontawesome-webfont.woff
basalt-bush-zydeco.glitch.me/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fontawesome-webfont.ttf
basalt-bush-zydeco.glitch.me/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- basalt-bush-zydeco.glitch.me
- URL
- https://basalt-bush-zydeco.glitch.me/fonts/fontawesome-webfont.woff2?v=4.7.0
- Domain
- basalt-bush-zydeco.glitch.me
- URL
- https://basalt-bush-zydeco.glitch.me/fonts/fontawesome-webfont.woff?v=4.7.0
- Domain
- basalt-bush-zydeco.glitch.me
- URL
- https://basalt-bush-zydeco.glitch.me/fonts/fontawesome-webfont.ttf?v=4.7.0
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Generic Email (Online)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated string| cxts function| $ function| jQuery object| bootstrap0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31556926; includeSubDomains; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
basalt-bush-zydeco.glitch.me
quickaccessjkhehkbhyzx.web.app
basalt-bush-zydeco.glitch.me
151.101.65.195
34.228.50.232
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
7b3e10ed2f867fd289acfef86780d8f78ecae39000fed6a0557a3b82b15b57e3
baf2d51cbd0879fe718632d177f003b7cc5742c5ee85348593a0caea2707ba26
c4047043368afb4baf1aed25d358a5c2a333842a3b436b58491ab36aeee65b9d
ced78d8bba482945231677e2f576da5c1b4d451ab6b7c01c231150080474ef61
e2a5473e6981ff59ee9c4604de67dd327518126c89a598ef738ea1efada2f924
f50010fb3423b3c462b636e5cb4af628c18f7b15f448203a0ef6dcae0df22a6b
fdce77a6d0053f32d231518a84a71bcab5c86045ed52369da00b89d4284aef46