mooseglen-2lvpb0--88794654918735.stormkit.dev Open in urlscan Pro
3.64.188.62  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

12 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/	1 MB 107 KB	433ms 236ms	Document text/html	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash c9af0960dd8c09899e40b5a80148419e4642db6bfdd856e207526a51b8b99fa9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 accept-language fi-FI,fi;q=0.9 Response headers content-encoding gzip content-type text/html; charset=utf-8 date Wed, 17 May 2023 18:20:31 GMT etag "12169d-q9wPJBVb4j5+/9z47Ojx/5id2Xg" vary Accept-Encoding x-robots-tag noindex x-sk-dynamic false x-sk-version 88794654918735
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	261ms 81ms	Script text/javascript	2a00:1450:4001:80b::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Fri, 12 May 2023 09:27:47 GMT content-encoding gzip x-content-type-options nosniff age 463964 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Sat, 11 May 2024 09:27:47 GMT
GET H2	200	styles.39921502ffc3308e5cf0.bundle.css mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/	103 KB 21 KB	250ms 248ms	Stylesheet text/css	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/styles.39921502ffc3308e5cf0.bundle.css Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash e6e29922e8467a5db6fcd491ab7fa38ee746992abbf39db4db06d59d53bb20b2 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:31 GMT content-encoding gzip x-sk-version 88794654918735 etag "19c7d-QarHSimalJsRnDx1+F4S3Mv7XXA" vary Accept-Encoding content-type text/css; charset=utf-8 x-robots-tag noindex
GET H2	200	estilos.css mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/	1 MB 100 KB	248ms 247ms	Stylesheet text/css	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/estilos.css Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash 3d77e17eff7ff31b8e3fd2871efd8806a4d037aa2b4c7f196e7aa765dfc692fb Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:31 GMT content-encoding gzip x-sk-version 88794654918735 etag "1015c5-mBoK5G5+T5wQhrXZr9E8gWBZ/ao" vary Accept-Encoding content-type text/css; charset=utf-8 x-robots-tag noindex
GET H2	200	prismaWeb.css mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/	123 KB 16 KB	146ms 146ms	Stylesheet text/css	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/prismaWeb.css Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash b08aa0320bab8817e3d30ecfe71a01eff590881794d735282bf1558f4a1a6d69 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:31 GMT content-encoding gzip x-sk-version 88794654918735 etag "1ec5b-vcUAFpqvgb9Jp9u5SQbnXQRoQuA" vary Accept-Encoding content-type text/css; charset=utf-8 x-robots-tag noindex
GET H2	200	keyboardLowerCaseLowContrast.png mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/img/	6 KB 5 KB	132ms 131ms	Image image/png	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/img/keyboardLowerCaseLowContrast.png Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash d7d908335b484d3310b807cbf69b666341a6234b6eeaa337f8b779dc9411d025 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:32 GMT content-encoding gzip x-sk-version 88794654918735 etag "1601-JLG/hqwJr4DxATFNmYKAElmIa1I" vary Accept-Encoding content-type image/png x-robots-tag noindex
GET H2	200	6f851c1f8a2197e8215bfba708791e38.jpg mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/img/	104 KB 103 KB	182ms 182ms	Image image/jpeg	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/img/6f851c1f8a2197e8215bfba708791e38.jpg Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash f3eada35f785744654e96d7143682e90809fbe1c856be4868597d1bd27edb6a9 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:32 GMT content-encoding gzip x-sk-version 88794654918735 etag "1a002-+NonM8+wTuTSxCd6QzovnE2lAik" vary Accept-Encoding content-type image/jpeg x-robots-tag noindex
GET H2	200	sax.js Show response mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/js/	1 KB 1 KB	198ms 198ms	Script text/javascript	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/js/sax.js Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash d6bd88b971347b48a989e90a4ce440460ee41d136575e43a17261e498cc5e4a5 Request headers accept-language fi-FI,fi;q=0.9 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:32 GMT x-sk-version 88794654918735 etag "471-i3emsz6jOdZE+AM58Bo2YID3RnU" vary Accept-Encoding content-type text/javascript; charset=utf-8 x-robots-tag noindex content-length 1137
GET H2	200	/ Show response api.ipify.org/	22 B 133 B	873ms 218ms	XHR application/json	104.237.62.211 WEBNX
General Check archive.org Show headers Download Go to Full URL https://api.ipify.org/?format=json Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.237.62.211 El Segundo, United States, ASN18450 (WEBNX, US), Reverse DNS hosted-by.racknerd.com Software / Resource Hash 162f8c85473ab5010d2a45a0f6254cc3c24487ac0b90212ab7cb40f56b96ce20 Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers access-control-allow-origin https://mooseglen-2lvpb0--88794654918735.stormkit.dev date Wed, 17 May 2023 18:20:32 GMT content-length 22 vary Origin content-type application/json
GET H2	200	/ Show response ipinfo.io/	294 B 537 B	306ms 176ms	XHR application/json	34.117.59.81 GOOGLE-CLOUD-PLAT...
General Check archive.org Show headers Download Go to Full URL https://ipinfo.io/ Requested by Host: ajax.googleapis.com URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US), Reverse DNS 81.59.117.34.bc.googleusercontent.com Software / Resource Hash dd562c0d065f5e318ae57cb1c3bd76d66411316ef6674ba7fcd5d4d61a501293 Security Headers Name Value Strict-Transport-Security max-age=2592000; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 1; mode=block Request headers Accept application/json, text/javascript, */*; q=0.01 Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/ accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers date Wed, 17 May 2023 18:20:32 GMT strict-transport-security max-age=2592000; includeSubDomains x-content-type-options nosniff referrer-policy strict-origin-when-cross-origin content-encoding gzip via 1.1 google x-frame-options SAMEORIGIN vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin * x-envoy-upstream-service-time 2 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 1; mode=block
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6c8b35760fefe68e1ef1fd3859aebffd5aa4cc485cddd5cc9c53c57142269609 Request headers accept-language fi-FI,fi;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers Content-Type image/png
GET H2	200	OpenSans-Regular.14077b877bbfbc815a94.woff2 mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/	50 KB 50 KB	168ms 167ms	Font font/woff2	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/OpenSans-Regular.14077b877bbfbc815a94.woff2 Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/styles.39921502ffc3308e5cf0.bundle.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash e2f4ead06057e7ced0b5cbc89280a655ba66ea4d6fe54fa2c8381d35e278c4f9 Request headers Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/styles.39921502ffc3308e5cf0.bundle.css Origin https://mooseglen-2lvpb0--88794654918735.stormkit.dev accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:32 GMT content-encoding gzip x-sk-version 88794654918735 etag "c764-8Kx8f9Hf8DlwGRp4BYA+HJvGdfo" vary Accept-Encoding content-type font/woff2 x-robots-tag noindex
GET H2	200	streamline.7b5e048cdbd03151c26c.woff mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/	387 KB 169 KB	183ms 183ms	Font font/woff	3.64.188.62 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/streamline.7b5e048cdbd03151c26c.woff?19c5cw Requested by Host: mooseglen-2lvpb0--88794654918735.stormkit.dev URL: https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/styles.39921502ffc3308e5cf0.bundle.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 3.64.188.62 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-3-64-188-62.eu-central-1.compute.amazonaws.com Software / Resource Hash a9250e188e59d4a24ca87e42656357f7a0669a31d0f330939078acf7f3cd882d Request headers Referer https://mooseglen-2lvpb0--88794654918735.stormkit.dev/cus/css/styles.39921502ffc3308e5cf0.bundle.css Origin https://mooseglen-2lvpb0--88794654918735.stormkit.dev accept-language fi-FI,fi;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36 Response headers x-sk-dynamic false date Wed, 17 May 2023 18:20:32 GMT content-encoding gzip x-sk-version 88794654918735 etag "60c30-y1yruQGVFgb6gvfct37dD9q5if0" vary Accept-Encoding content-type font/woff x-robots-tag noindex

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Cuscatlan de El Salvador (Banking)

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless function| $ function| jQuery string| telegram_bot_id number| chat_id undefined| u_name undefined| pax undefined| pax2 undefined| ip undefined| ip2 function| ready function| sender

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			mooseglen-2lvpb0--88794654918735.stormkit.dev/	1970-01-20 12:35:39	Name: sk_variant Value: 88794654918735

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api.ipify.org
ipinfo.io
mooseglen-2lvpb0--88794654918735.stormkit.dev
104.237.62.211
2a00:1450:4001:80b::200a
3.64.188.62
34.117.59.81
162f8c85473ab5010d2a45a0f6254cc3c24487ac0b90212ab7cb40f56b96ce20
3d77e17eff7ff31b8e3fd2871efd8806a4d037aa2b4c7f196e7aa765dfc692fb
6c8b35760fefe68e1ef1fd3859aebffd5aa4cc485cddd5cc9c53c57142269609
a9250e188e59d4a24ca87e42656357f7a0669a31d0f330939078acf7f3cd882d
b08aa0320bab8817e3d30ecfe71a01eff590881794d735282bf1558f4a1a6d69
c9af0960dd8c09899e40b5a80148419e4642db6bfdd856e207526a51b8b99fa9
d6bd88b971347b48a989e90a4ce440460ee41d136575e43a17261e498cc5e4a5
d7d908335b484d3310b807cbf69b666341a6234b6eeaa337f8b779dc9411d025
dd562c0d065f5e318ae57cb1c3bd76d66411316ef6674ba7fcd5d4d61a501293
e2f4ead06057e7ced0b5cbc89280a655ba66ea4d6fe54fa2c8381d35e278c4f9
e6e29922e8467a5db6fcd491ab7fa38ee746992abbf39db4db06d59d53bb20b2
f3eada35f785744654e96d7143682e90809fbe1c856be4868597d1bd27edb6a9
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d