organized-seed-agate.glitch.me Open in urlscan Pro
34.235.79.124  Malicious Activity! Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response organized-seed-agate.glitch.me/	163 KB 164 KB	456ms 253ms	Document text/html	34.235.79.124 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://organized-seed-agate.glitch.me/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.235.79.124 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-79-124.compute-1.amazonaws.com Software AmazonS3 / Resource Hash 03c1692bc94adfc14fb2b4062bd7b1c745e28040ca4fad31da91820f355c9d61 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Response headers accept-ranges bytes cache-control no-cache content-length 167160 content-type text/html; charset=utf-8 date Mon, 16 Dec 2024 00:33:14 GMT etag "7ead7f5c786604d09e0b9b6c4063b666" last-modified Mon, 09 Dec 2024 23:05:38 GMT server AmazonS3 x-amz-id-2 s/lM8do8segXMy4DikUQEppdo0huVqXoxS1uuwo+AVzCSwVTXk5K0g9HtPuZuVuJ8c8FFYKAqyg= x-amz-request-id RANR76ZQWZ9FSPXA x-amz-server-side-encryption AES256 x-amz-version-id VIFPeB_SAHNrTQoXtWdvBMb0URFv.eoZ
GET DATA	200 OK	truncated /	5 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 9241453e99644ed913735907d62b2ce5c6ef51c18f0780e95857fc345ba511d3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET DATA	200 OK	truncated /	41 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 59d7f74e29500e39832625a29b47a6d709703193ca0ad5c537118ae8712a8ac4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer Response headers Content-Type image/png
GET H2	404	favicon.ico organized-seed-agate.glitch.me/	4 KB 4 KB	118ms 117ms	Other text/html	34.235.79.124 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://organized-seed-agate.glitch.me/favicon.ico Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 34.235.79.124 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-235-79-124.compute-1.amazonaws.com Software / Resource Hash 2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Referer https://organized-seed-agate.glitch.me/ Response headers date Mon, 16 Dec 2024 00:33:15 GMT cache-control max-age=0 content-length 3674

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Postmaster (Online)

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| _A50H35mL12qk99eWjM12SQ049X1R4ejpfo function| _QTW7v07E7O88q9h34lb8s995Gkyp1qUk0c1B3e75Bz object| _$ object| _V77u0W95chN2s6C2VUJ84CW9S number| _D0S246T0881I4cS3K907pW5iY75jOeEZnYTC8xOgKjw334F object| _WB0KDTM76i2UD0zV3VK object| _Lm10XZapTpHikci0EGx1Hbug8RKH0Ok48yXJRYdb object| _YuYfU6W7jGd081eXnOuti4t1NY object| mail

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://organized-seed-agate.glitch.me/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://organized-seed-agate.glitch.me/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

organized-seed-agate.glitch.me
34.235.79.124
03c1692bc94adfc14fb2b4062bd7b1c745e28040ca4fad31da91820f355c9d61
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c
59d7f74e29500e39832625a29b47a6d709703193ca0ad5c537118ae8712a8ac4
9241453e99644ed913735907d62b2ce5c6ef51c18f0780e95857fc345ba511d3