candy-dandy-ton.glitch.me Open in urlscan Pro
34.195.19.52 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Submission: On September 12 via api (September 12th 2022, 1:27:43 pm UTC) from KR — Scanned from DE

Summary HTTP 20 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 4 domains to perform 20 HTTP transactions. The main IP is 34.195.19.52, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is candy-dandy-ton.glitch.me.

This is the only time candy-dandy-ton.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Daum (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	34.195.19.52 34.195.19.52	14618 (AMAZON-AES) (AMAZON-AES)
3	211.231.99.82 211.231.99.82	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
8	2a02:26f0:350... 2a02:26f0:3500:12::1730:17a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	121.53.105.218 121.53.105.218	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
1	211.231.108.164 211.231.108.164	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
1	27.0.237.134 27.0.237.134	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
1 4	121.53.105.246 121.53.105.246	38099 (KAKAO-AS-...) (KAKAO-AS-KR Kakao Corp)
2	121.53.105.147 121.53.105.147	() ()
20	8

1 34.195.19.52 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-19-52.compute-1.amazonaws.com

candy-dandy-ton.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 211.231.99.82 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

logins.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3500:12::1730:17a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

t1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 121.53.105.218 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

developers.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.231.108.164 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

m1.daumcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 27.0.237.134 (Korea, Republic Of)

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

display.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 121.53.105.246 (Korea, Republic Of) 1 redirects

ASN38099 (KAKAO-AS-KR Kakao Corp, KR)

track.tiara.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webid.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
webid.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 121.53.105.147 (None, )

ASN- ()

ka.ad.daum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	daumcdn.net t1.daumcdn.net — Cisco Umbrella Rank: 18312 m1.daumcdn.net — Cisco Umbrella Rank: 78877	114 KB
9	daum.net 1 redirects logins.daum.net — Cisco Umbrella Rank: 138774 display.ad.daum.net — Cisco Umbrella Rank: 28694 track.tiara.daum.net — Cisco Umbrella Rank: 265796 webid.ad.daum.net — Cisco Umbrella Rank: 65652 ka.ad.daum.net	21 KB
2	kakao.com developers.kakao.com — Cisco Umbrella Rank: 44438 webid.kakao.com — Cisco Umbrella Rank: 92257	112 KB
1	glitch.me candy-dandy-ton.glitch.me	35 KB
20	4

	Domain	Requested by
8	t1.daumcdn.net	candy-dandy-ton.glitch.me logins.daum.net t1.daumcdn.net
3	logins.daum.net	candy-dandy-ton.glitch.me
2	ka.ad.daum.net	t1.daumcdn.net
2	track.tiara.daum.net	candy-dandy-ton.glitch.me
1	webid.kakao.com	candy-dandy-ton.glitch.me
1	webid.ad.daum.net	1 redirects
1	display.ad.daum.net	t1.daumcdn.net
1	m1.daumcdn.net	candy-dandy-ton.glitch.me
1	developers.kakao.com	candy-dandy-ton.glitch.me
1	candy-dandy-ton.glitch.me
20	10

This site contains links to these domains. Also see Links.

Domain
www.daum.net
member.daum.net
www.kakaocorp.com
cs.daum.net

Subject Issuer	Validity	Valid
logins.daum.net DigiCert SHA2 Extended Validation Server CA	`2022-05-17` - `2023-05-31`	a year	crt.sh
*.daumcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-01` - `2023-08-02`	a year	crt.sh
*.kakao.com Thawte TLS RSA CA G1	`2021-09-17` - `2022-09-30`	a year	crt.sh
ad.daum.net Thawte TLS RSA CA G1	`2022-01-25` - `2023-01-31`	a year	crt.sh
www.tiara.kakao.com Thawte TLS RSA CA G1	`2022-07-14` - `2023-07-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Frame ID: E860F00BDA8C8A70F4D6995E981C46B4
Requests: 16 HTTP requests in this frame

Frame: https://t1.daumcdn.net/adfit/adunit_style/fa4d7f52e795f09be9d8b7a4ed98035c623b3029
Frame ID: EF967730753ACCAE76FCC9CEA8B726F4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Daum 로그인

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

20
Requests

80 %
HTTPS

13 %
IPv6

4
Domains

10
Subdomains

8
IPs

3
Countries

281 kB
Transfer

522 kB
Size

8
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: http://www.daum.net/
Title: DAUM

Search URL Search Domain Scan URL

URL: https://member.daum.net/join?rtnUrl=http%3A%2F%2Fmail2.daum.net%2Fhanmailex%2FTop.daum
Title: 회원가입

Search URL Search Domain Scan URL

URL: https://member.daum.net/find/id.do
Title: 아이디 찾기

Search URL Search Domain Scan URL

URL: https://member.daum.net/find/password.do
Title: 비밀번호 찾기

Search URL Search Domain Scan URL

URL: http://www.kakaocorp.com/
Title: © Kakao Corp.

Search URL Search Domain Scan URL

URL: http://cs.daum.net/faq/59/14970.html
Title: 고객센터

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://webid.ad.daum.net/sync?v=0.0.1 HTTP 302
https://webid.kakao.com/sync?data=4dvk1V4MNrvhUoF8vNiID949PhwpwLZRaeyRXanYYaNRDJbZfwoEgOzo%2BZlj3Pa8YTsYGTGpbQxzpayJg14%2FFzc9G6bYWuRLNWI2NOvhqs8DB%2FZ4t148u5lNUVNI3Erw

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request %EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html Show response
candy-dandy-ton.glitch.me/ 35 KB
35 KB 494ms
373ms Document
text/html 34.195.19.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: HTTP/1.1
Server: 34.195.19.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-19-52.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 5f000aadbc073e1beb9c4a9ee3e721304d6f3d2bda6de8041373a910c33e27d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Length: 35446
Content-Type: text/html; charset=utf-8
Date: Mon, 12 Sep 2022 13:27:36 GMT
accept-ranges: bytes
cache-control: no-cache
etag: "fd2ac3a6d53b5a10cf0e7d76b2af0bc8"
last-modified: Sun, 11 Sep 2022 23:11:03 GMT
server: AmazonS3
x-amz-id-2: EeX0Wiz+ALOs7ldjDCITcsu7eEhaVZDofEcaVwCjNd9lcKNYNZlcI8QVltPUwZVu5YGvUh5b2us=
x-amz-request-id: EHHTNSVESG6G173F
x-amz-version-id: arBExrWHuwnL9waU0lcJLiFITGWld9Z4

GET
H/1.1 200
OK pc.css
logins.daum.net/contents/min/css/ 17 KB
4 KB 1833ms
264ms Stylesheet
text/css 211.231.99.82
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: https://logins.daum.net/contents/min/css/pc.css
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 211.231.99.82 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: Apache Tomcat /
Resource Hash: 3e70b4792cec8323f565abd7afe03f39ee6516a8cb4a44fbdd8a26057f3efa77

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:27:37 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 09:35:08 GMT
Server: Apache Tomcat
ETag: W/"17063-1661938508000"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 404
Not Found font_pc.css
logins.daum.net/contents/min/css/ 0
0 1836ms
266ms Stylesheet
text/html 211.231.99.82
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: https://logins.daum.net/contents/min/css/font_pc.css
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 211.231.99.82 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

GET
H2 200 jquery-1.12.1.min.js Show response
t1.daumcdn.net/id/statics/common/js-lib/ 95 KB
33 KB 630ms
23ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/id/statics/common/js-lib/jquery-1.12.1.min.js
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772

Request headers

Referer: http://candy-dandy-ton.glitch.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 12 Sep 2022 13:27:37 GMT
content-encoding: gzip
last-modified: Tue, 05 Dec 2017 04:26:37 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=313496182
x-wcss: dC1jb21tb24wMS1id2NhY2hlNDE6MDpjaHR0cDoxNw==
accept-ranges: bytes
content-length: 33894
expires: Wed, 18 Aug 2032 23:43:59 GMT

GET
H2 200 jquery.cookie-1.3.1.min.js Show response
t1.daumcdn.net/id/statics/common/js-lib/ 1000 B
777 B 633ms
28ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/id/statics/common/js-lib/jquery.cookie-1.3.1.min.js
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: e59bba1708d06698afe08ebc4c9ce3c9a14e1fca0d7826e824bd6ed04a153b54

Request headers

Referer: http://candy-dandy-ton.glitch.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 12 Sep 2022 13:27:37 GMT
content-encoding: gzip
last-modified: Tue, 12 Dec 2017 07:29:04 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=312953672
x-wcss: dC1jb21tb24wMS1id2NhY2hlMjY6MDpjaHR0cDoyMw==
accept-ranges: bytes
content-length: 556
expires: Thu, 12 Aug 2032 17:02:09 GMT

GET
H2 200 kakao.min.js Show response
developers.kakao.com/sdk/js/ 110 KB
111 KB 1492ms
263ms Script
application/javascript 121.53.105.218
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL

https://developers.kakao.com/sdk/js/kakao.min.js

Requested by

Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.218 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

2fb9e7ee98b3256d3de984abc4c136b6907e6be8677fc759643c90b17dfa90de

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: http://candy-dandy-ton.glitch.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 12 Sep 2022 13:27:38 GMT
last-modified: Wed, 29 Jun 2022 02:20:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
accept-ranges: bytes
content-length: 113131
expires: Mon, 12 Sep 2022 14:27:38 GMT

GET
H/1.1 200
OK login-default.js Show response
logins.daum.net/contents/min/js/ 36 KB
13 KB 1835ms
267ms Script
application/javascript 211.231.99.82
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: https://logins.daum.net/contents/min/js/login-default.js
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 211.231.99.82 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: Apache Tomcat /
Resource Hash: 4997b3813d2a33fc39de36b4f5d9d529fd0c2a08ed0c6fae9f4b706885025005

Request headers

Referer: http://candy-dandy-ton.glitch.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date: Mon, 12 Sep 2022 13:27:38 GMT
Content-Encoding: gzip
Last-Modified: Wed, 31 Aug 2022 09:35:08 GMT
Server: Apache Tomcat
ETag: W/"36851-1661938508000"
Vary: Accept-Encoding
Content-Type: application/javascript
Transfer-Encoding: chunked
Accept-Ranges: bytes

GET
H/1.1 200
OK ad.min.js Show response
t1.daumcdn.net/adfit/static/ 2 KB
1 KB 43ms
22ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://t1.daumcdn.net/adfit/static/ad.min.js
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: HTTP/1.1
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 10397020b18155c46f267362d8c811c2a787ccf57dc2b5412b509f0a8d8ec7fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

X-WCSS: dC1jb21tb24wMS1id2NhY2hlMjQ6MDpjaHR0cDoxOA==
Date: Mon, 12 Sep 2022 13:27:38 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Nov 2021 10:51:01 GMT
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2274
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1059
Expires: Mon, 12 Sep 2022 14:05:32 GMT

GET
H2 200 logo_daum.png
t1.daumcdn.net/id/logins/2020/ 1 KB
1 KB 23ms
23ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/id/logins/2020/logo_daum.png
Requested by: Host: logins.daum.net
URL: https://logins.daum.net/contents/min/css/pc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 50d4a8f26b0c851839a82ee89ac4cdbe92a520049d2cc005c45d04b872e6defe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://logins.daum.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:39 GMT
last-modified: Thu, 14 May 2020 07:46:09 GMT
server: openresty
content-type: image/png
cache-control: max-age=3621
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzU6MDpjaHR0cDowOQ==
accept-ranges: bytes
content-length: 1306
expires: Mon, 12 Sep 2022 14:28:00 GMT

GET
H2 200 ico_login_201224.png
t1.daumcdn.net/id/logins/2020/ 5 KB
5 KB 24ms
24ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/id/logins/2020/ico_login_201224.png
Requested by: Host: logins.daum.net
URL: https://logins.daum.net/contents/min/css/pc.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 6845a3538e9237f310d087c193a3626926bd22dd49041836614673b1fa553813

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://logins.daum.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:39 GMT
last-modified: Thu, 24 Dec 2020 00:08:34 GMT
server: openresty
content-type: image/png
cache-control: max-age=16988
x-wcss: dC1jb21tb24wMS1id2NhY2hlNTE6MDpjaHR0cDoxMw==
accept-ranges: bytes
content-length: 5333
expires: Mon, 12 Sep 2022 18:10:47 GMT

GET
H/1.1 200
OK td.min.js Show response
m1.daumcdn.net/tiara/js/ 38 KB
10 KB 1418ms
264ms Script
text/javascript 211.231.108.164
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: http://m1.daumcdn.net/tiara/js/td.min.js
Requested by: Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html
Protocol: HTTP/1.1
Server: 211.231.108.164 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: nginx /
Resource Hash: 5ab4f05cbe1a5cf7b22b8609cefc5e0f09f8b8577fe9d9b2e775279045a027b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:27:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Nov 2019 06:50:37 GMT
Server: nginx
Age: 1784
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/javascript
Cache-Control: max-age=7200
X-WCSS: dC1jb21tb24wMS1id2NhY2hlNTM6MDpjaHR0cDoxMQ==
Accept-Ranges: bytes
Content-Length: 10260
Expires: Mon, 12 Sep 2022 14:57:56 GMT

GET
H2 200 ba.min.js Show response
t1.daumcdn.net/kas/static/ 145 KB
45 KB 24ms
24ms Script
text/javascript 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/kas/static/ba.min.js
Requested by: Host: t1.daumcdn.net
URL: http://t1.daumcdn.net/adfit/static/ad.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 61adfc43929748faf8e7d39e81f9ef67fb56e848ab93a3f9089b94c7adbef4ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:39 GMT
content-encoding: gzip
last-modified: Wed, 24 Aug 2022 05:25:18 GMT
server: openresty
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=2599
x-wcss: dC1jb21tb24wMS1id2NhY2hlMTowOmNodHRwOjA1
accept-ranges: bytes
content-length: 45974
expires: Mon, 12 Sep 2022 14:10:58 GMT

GET
H/1.1 200
OK banner Show response
display.ad.daum.net/sdk/ 3 KB
2 KB 1716ms
498ms XHR
application/json 27.0.237.134
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to

Full URL: https://display.ad.daum.net/sdk/banner?id=00Y28&cnt=1&pxratio=1&pwidth=1600&pheight=1200&containerid=kakao_ad_NNDwuA&ppi=96&lmt=N&containerwidth=0&test=N&ctag=%7B%7D&sdktype=web&sdkver=4.5.2&secretmode=N&network=6&surl=http%3A%2F%2Fcandy-dandy-ton.glitch.me%2F%25EB%25B9%2584%25EB%25B0%2580%25EB%25B2%2588%25ED%2598%25B8.html&cookiedisabled=N&rfseq=1&appkey=d10838164fe04a4e6da8e1f6d9972096&browser=chrome&browserver=105&sdkid=435a21ec-2422-4ebe-a8ab-6e358b78bc93
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/ba.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 27.0.237.134 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),
Reverse DNS
Software: Apache /
Resource Hash: 75321f172aad600712a78422a0e76f5312b33d1923fb7c7cbcfc577df03ae2b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

Date: Mon, 12 Sep 2022 13:27:40 GMT
Content-Encoding: gzip
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: Apache
Vary: Origin,Accept-Encoding
P3P: CP="ALL CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC OTC"
Access-Control-Allow-Origin: http://candy-dandy-ton.glitch.me
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: close
Content-Type: application/json
Content-Length: 1428

GET
H2 404 footsteps
track.tiara.daum.net/queen/ 13 B
136 B 937ms
263ms Image
text/plain 121.53.105.246
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.tiara.daum.net/queen/footsteps?dummy=1665100686733&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=0&rand_id=1662989260643&pck=Y&puid=1662989260643&url=http%3A%2F%2Fcandy-dandy-ton.glitch.me%2F%25EB%25B9%2584%25EB%25B0%2580%25EB%25B2%2588%25ED%2598%25B8.html

Requested by

Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.246 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:41 GMT
content-length: 13
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H2 200 fa4d7f52e795f09be9d8b7a4ed98035c623b3029 Show response
t1.daumcdn.net/adfit/adunit_style/ Frame EF96 29 KB
11 KB 25ms
24ms Document
text/html 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.daumcdn.net/adfit/adunit_style/fa4d7f52e795f09be9d8b7a4ed98035c623b3029
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/kas/static/ba.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 7db43678603231009137d1c61e2c5c29c5d9e7800497c95929cf62fa1c6e553e

Request headers

Referer: http://candy-dandy-ton.glitch.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=10364
content-encoding: gzip
content-length: 11270
content-type: text/html
date: Mon, 12 Sep 2022 13:27:41 GMT
expires: Mon, 12 Sep 2022 16:20:25 GMT
last-modified: Tue, 15 Mar 2022 04:41:11 GMT
server: openresty
vary: Accept-Encoding
x-wcss: dC1jb21tb24wMS1id2NhY2hlNjc6MDpjaHR0cDowNA==

GET
H2

200

sync
webid.kakao.com/
Redirect Chain

https://webid.ad.daum.net/sync?v=0.0.1
https://webid.kakao.com/sync?data=4dvk1V4MNrvhUoF8vNiID949PhwpwLZRaeyRXanYYaNRDJbZfwoEgOzo%2BZlj3Pa8YTsYGTGpbQxzpayJg14%2FFzc9G6bYWuRLNWI2NOvhqs8DB%2FZ4t148u5lNUVNI3Erw

35 B
698 B

438ms
262ms

Image
image/gif

121.53.105.246
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://webid.kakao.com/sync?data=4dvk1V4MNrvhUoF8vNiID949PhwpwLZRaeyRXanYYaNRDJbZfwoEgOzo%2BZlj3Pa8YTsYGTGpbQxzpayJg14%2FFzc9G6bYWuRLNWI2NOvhqs8DB%2FZ4t148u5lNUVNI3Erw

Requested by

Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html

Protocol

Server

121.53.105.246 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:27:42 GMT
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
p3p: CP="ALL DSP COR MON LAW IVDi HIS IVAi DELi SAMi OUR LEG PHY UNI ONL DEM STA INT NAV PUR FIN OTC GOV"
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 12 Sep 2022 13:27:42 GMT
location: https://webid.kakao.com/sync?data=4dvk1V4MNrvhUoF8vNiID949PhwpwLZRaeyRXanYYaNRDJbZfwoEgOzo%2BZlj3Pa8YTsYGTGpbQxzpayJg14%2FFzc9G6bYWuRLNWI2NOvhqs8DB%2FZ4t148u5lNUVNI3Erw
x-frame-options: DENY
access-control-allow-methods: GET, OPTIONS
p3p: CP="ALL DSP COR MON LAW IVDi HIS IVAi DELi SAMi OUR LEG PHY UNI ONL DEM STA INT NAV PUR FIN OTC GOV"
access-control-allow-origin: *
cache-control: no-cache, no-store
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ico_adlogo2.png
t1.daumcdn.net/biz/ui/ad/ Frame EF96 5 KB
5 KB 23ms
22ms Image
image/png 2a02:26f0:3500:12::1730:17a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t1.daumcdn.net/biz/ui/ad/ico_adlogo2.png
Requested by: Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/adfit/adunit_style/fa4d7f52e795f09be9d8b7a4ed98035c623b3029
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:12::1730:17a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: openresty /
Resource Hash: 750c0c8f5484e0b7ca7c69f0f4ef3eb382dd96a133f24592a9bb23586290c08f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/adfit/adunit_style/fa4d7f52e795f09be9d8b7a4ed98035c623b3029
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 12 Sep 2022 13:27:41 GMT
last-modified: Wed, 17 Mar 2021 02:58:49 GMT
server: openresty
content-type: image/png
cache-control: max-age=11483
x-wcss: dC1jb21tb24wMS1id2NhY2hlMTA6MDpjaHR0cDowNA==
accept-ranges: bytes
content-length: 4637
expires: Mon, 12 Sep 2022 16:39:04 GMT

GET
H2 200 Tpn9jrMaHHPsWmxn2b6D509Bj0M9DvDtlyuiDIXGMwxiitUreF9l7QrmBIwNRraB0tHFgSLVdeKf2dZdOgs3Prt4wTzs_OQEpUC8vKLdmUT8PsnlspxKfFc937FKDWnrm41gCj-HEJ_lx8ebZj1XyN-GUDzP_Pe-aIUQYn2IZ3pcmIPyEoQC
ka.ad.daum.net/rimp/ Frame EF96 43 B
155 B 2013ms
264ms Image
image/gif 121.53.105.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ka.ad.daum.net/rimp/Tpn9jrMaHHPsWmxn2b6D509Bj0M9DvDtlyuiDIXGMwxiitUreF9l7QrmBIwNRraB0tHFgSLVdeKf2dZdOgs3Prt4wTzs_OQEpUC8vKLdmUT8PsnlspxKfFc937FKDWnrm41gCj-HEJ_lx8ebZj1XyN-GUDzP_Pe-aIUQYn2IZ3pcmIPyEoQC?p=vuW5w4qGK2h2yXTQOgtqLpJz89egSoI49ZHMrlENZkk&ac=DYKt3-8qSDWvWi4gpOmV7g8Qix5rV_S_m2CiCI2WeF0qiNIwK1BssBXgBI0IFKLQ

Requested by

Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/adfit/adunit_style/fa4d7f52e795f09be9d8b7a4ed98035c623b3029

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.147 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:43 GMT
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif

GET
H2 404 footsteps
track.tiara.daum.net/queen/ 13 B
135 B 262ms
262ms Image
text/plain 121.53.105.246
KAKAO-AS-KR Kakao...

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: candy-dandy-ton.glitch.me
URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.246 , Korea, Republic Of, ASN38099 (KAKAO-AS-KR Kakao Corp, KR),

Reverse DNS

Software

Resource Hash

7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://candy-dandy-ton.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:41 GMT
content-length: 13
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/plain; charset=utf-8

GET
H2 200 Tpn9jrMaHHPsWmxn2b6D509Bj0M9DvDtlyuiDIXGMwxiitUreF9l7QrmBIwNRraB0tHFgSLVdeKf2dZdOgs3Prt4wTzs_OQEpUC8vKLdmUT8PsnlspxKfFc937FKDWnrm41gCj-HEJ_lx8ebZj1XyN-GUDzP_Pe-aIUQYn2IZ3pcmIPyEoQC
ka.ad.daum.net/vimp/ Frame EF96 43 B
154 B 985ms
265ms Image
image/gif 121.53.105.147

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ka.ad.daum.net/vimp/Tpn9jrMaHHPsWmxn2b6D509Bj0M9DvDtlyuiDIXGMwxiitUreF9l7QrmBIwNRraB0tHFgSLVdeKf2dZdOgs3Prt4wTzs_OQEpUC8vKLdmUT8PsnlspxKfFc937FKDWnrm41gCj-HEJ_lx8ebZj1XyN-GUDzP_Pe-aIUQYn2IZ3pcmIPyEoQC?p=vuW5w4qGK2h2yXTQOgtqLpJz89egSoI49ZHMrlENZkk

Requested by

Host: t1.daumcdn.net
URL: https://t1.daumcdn.net/adfit/adunit_style/fa4d7f52e795f09be9d8b7a4ed98035c623b3029

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

121.53.105.147 -, , ASN (),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://t1.daumcdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.102 Safari/537.36

Response headers

date: Mon, 12 Sep 2022 13:27:43 GMT
content-length: 43
strict-transport-security: max-age=15724800; includeSubDomains
content-type: image/gif

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Daum (Online)

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
candy-dandy-ton.glitch.me/	1970-01-20 14:42:05	Name: adfit_sdk_id Value: 435a21ec-2422-4ebe-a8ab-6e358b78bc93
.ad.daum.net/	1970-01-20 14:42:05	Name: aid Value: 89288b176e134343b74e48ec9f7a9dfe
.ad.daum.net/	1970-01-20 14:42:05	Name: aid_ts Value: 1662989260664
.daum.net/	1970-01-20 15:32:29	Name: webid Value: 89288b176e134343b74e48ec9f7a9dfe
.daum.net/	1970-01-20 15:32:29	Name: webid_sync Value: 1662989262401
.daum.net/	1970-01-20 15:32:29	Name: webid_ts Value: 1662989260664
.kakao.com/	1970-01-20 15:32:29	Name: webid Value: 89288b176e134343b74e48ec9f7a9dfe
.kakao.com/	1970-01-20 15:32:29	Name: webid_ts Value: 1662989260664

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://t1.daumcdn.net/id/statics/common/js-lib/jquery-1.12.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://t1.daumcdn.net/id/statics/common/js-lib/jquery-1.12.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://t1.daumcdn.net/id/statics/common/js-lib/jquery.cookie-1.3.1.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://developers.kakao.com/sdk/js/kakao.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://candy-dandy-ton.glitch.me/%EB%B9%84%EB%B0%80%EB%B2%88%ED%98%B8.html Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://logins.daum.net/contents/min/js/login-default.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://logins.daum.net/contents/min/css/font_pc.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://track.tiara.daum.net/queen/footsteps?dummy=1665100686733&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=0&rand_id=1662989260643&pck=Y&puid=1662989260643&url=http%3A%2F%2Fcandy-dandy-ton.glitch.me%2F%25EB%25B9%2584%25EB%25B0%2580%25EB%25B2%2588%25ED%2598%25B8.html Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://track.tiara.daum.net/queen/footsteps?dummy=1665100686733&ishome=U&referer=&title=Daum%20%EB%A1%9C%EA%B7%B8%EC%9D%B8&version=2.8.7&dpr=1&cke=Y&tz=0&rand_id=1662989260643&pck=Y&puid=1662989260643&url=http%3A%2F%2Fcandy-dandy-ton.glitch.me%2F%25EB%25B9%2584%25EB%25B0%2580%25EB%25B2%2588%25ED%2598%25B8.html Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

candy-dandy-ton.glitch.me
developers.kakao.com
display.ad.daum.net
ka.ad.daum.net
logins.daum.net
m1.daumcdn.net
t1.daumcdn.net
track.tiara.daum.net
webid.ad.daum.net
webid.kakao.com
121.53.105.147
121.53.105.218
121.53.105.246
211.231.108.164
211.231.99.82
27.0.237.134
2a02:26f0:3500:12::1730:17a6
34.195.19.52
10397020b18155c46f267362d8c811c2a787ccf57dc2b5412b509f0a8d8ec7fd
2359d383bf2d4ab65ebf7923bdf74ce40e4093f6e58251b395a64034b3c39772
2fb9e7ee98b3256d3de984abc4c136b6907e6be8677fc759643c90b17dfa90de
3e70b4792cec8323f565abd7afe03f39ee6516a8cb4a44fbdd8a26057f3efa77
4997b3813d2a33fc39de36b4f5d9d529fd0c2a08ed0c6fae9f4b706885025005
50d4a8f26b0c851839a82ee89ac4cdbe92a520049d2cc005c45d04b872e6defe
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5ab4f05cbe1a5cf7b22b8609cefc5e0f09f8b8577fe9d9b2e775279045a027b4
5f000aadbc073e1beb9c4a9ee3e721304d6f3d2bda6de8041373a910c33e27d6
61adfc43929748faf8e7d39e81f9ef67fb56e848ab93a3f9089b94c7adbef4ab
6845a3538e9237f310d087c193a3626926bd22dd49041836614673b1fa553813
750c0c8f5484e0b7ca7c69f0f4ef3eb382dd96a133f24592a9bb23586290c08f
75321f172aad600712a78422a0e76f5312b33d1923fb7c7cbcfc577df03ae2b5
7d04f7431bbfa41a04bcc7e6b98b9de0d919756c4c671c5785c99fff45f16402
7db43678603231009137d1c61e2c5c29c5d9e7800497c95929cf62fa1c6e553e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
e59bba1708d06698afe08ebc4c9ce3c9a14e1fca0d7826e824bd6ed04a153b54

candy-dandy-ton.glitch.me Open in urlscan Pro 34.195.19.52 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

20 Requests

80 %HTTPS

13 %IPv6

4 Domains

10 Subdomains

8 IPs

3 Countries

281 kBTransfer

522 kBSize

8 Cookies

6 Outgoing links

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

29 JavaScript Global Variables

8 Cookies

8 Console Messages

Indicators

candy-dandy-ton.glitch.me Open in urlscan Pro
34.195.19.52 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

80 %
HTTPS

13 %
IPv6

4
Domains

10
Subdomains

8
IPs

3
Countries

281 kB
Transfer

522 kB
Size

8
Cookies

20 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!