validacionenlinea2024.glitch.me
52.201.3.183 Malicious Activity! Public Scan

URL: https://validacionenlinea2024.glitch.me/
Submission Tags: falconsandbox
Submission: On December 13 via api from US — Scanned from ES

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 8 HTTP transactions. The main IP is 52.201.3.183, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is validacionenlinea2024.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 3rd 2024. Valid for: a year.
This is the only time validacionenlinea2024.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Microsoft (Consumer)

Domain & IP information

Requests  IP Address        AS (Autonomous System)
3         52.201.3.183      14618 (AMAZON-AES)
1         2a00:1450:400...  15169 (GOOGLE)
2         151.101.66.132    54113 (FASTLY)
1         104.26.13.205     13335 (CLOUDFLAR...)
1         34.117.59.81      396982 (GOOGLE-CL...)
Total: 8 requests, 5 IPs
Requests  Apex Domain     Subdomain                                        Transfer
3         glitch.me       validacionenlinea2024.glitch.me                  9 KB
2         glitch.global   cdn.glitch.global (Cisco Umbrella Rank: 161832)  23 KB
1         ipinfo.io       ipinfo.io (Cisco Umbrella Rank: 7599)            449 B
1         ipify.org       api.ipify.org (Cisco Umbrella Rank: 2001)        317 B
1         googleapis.com  ajax.googleapis.com (Cisco Umbrella Rank: 415)   31 KB
Total: 8 requests, 5 domains
Requests  Domain                           Requested by
3         validacionenlinea2024.glitch.me  validacionenlinea2024.glitch.me
2         cdn.glitch.global                validacionenlinea2024.glitch.me
1         ipinfo.io                        ajax.googleapis.com
1         api.ipify.org                    ajax.googleapis.com
1         ajax.googleapis.com              validacionenlinea2024.glitch.me
Total: 8 requests, 5 domains

This site contains no links.

Subject                  Issuer               Validity                 Valid
glitch.com               Amazon RSA 2048 M02  2024-11-03 - 2025-12-03  a year (crt.sh)
upload.video.google.com  WR2                  2024-11-04 - 2025-01-27  3 months (crt.sh)
cdn.glitch.global        R10                  2024-11-26 - 2025-02-24  3 months (crt.sh)
ipify.org                WE1                  2024-11-13 - 2025-02-11  3 months (crt.sh)
ipinfo.io                R11                  2024-11-15 - 2025-02-13  3 months (crt.sh)

This page contains 1 frame:

Primary Page: https://validacionenlinea2024.glitch.me/
Frame ID: 135764C803EA576AB7C2C6107F0BD3A9
Requests: 8 HTTP requests in this frame

Screenshot

Page Title

Iniciar sesión en tu cuenta Microsoft ("Sign in to your Microsoft account")

Detected technologies

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

8 Requests
100 % HTTPS
20 % IPv6
5 Domains
5 Subdomains
5 IPs
3 Countries
63 kB Transfer
118 kB Size
0 Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type (MIME-Type)

Resource: Primary Request /
Path: validacionenlinea2024.glitch.me/
Size: 5 KB   x-fer: 5 KB   Type: Document
General
Full URL
https://validacionenlinea2024.glitch.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.3.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-3-183.compute-1.amazonaws.com
Software
/ Express
Resource Hash
883bae0ccd5afea8af7903b288fba31a69c8b9ba4514aa6681736df0a93926b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-length
4818
content-type
text/html; charset=UTF-8
date
Fri, 13 Dec 2024 23:47:54 GMT
etag
W/"12d2-192b6bd1510"
last-modified
Wed, 23 Oct 2024 00:18:18 GMT
x-powered-by
Express
Resource: jquery.min.js
Path: ajax.googleapis.com/ajax/libs/jquery/3.5.1/
Size: 87 KB   x-fer: 31 KB   Type: Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: validacionenlinea2024.glitch.me
URL: https://validacionenlinea2024.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://validacionenlinea2024.glitch.me/

Response headers

content-encoding
gzip
age
364545
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Tue, 09 Dec 2025 18:32:10 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Mon, 09 Dec 2024 18:32:10 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
Resource: estilo.css
Path: validacionenlinea2024.glitch.me/
Size: 4 KB   x-fer: 4 KB   Type: Stylesheet
General
Full URL
https://validacionenlinea2024.glitch.me/estilo.css
Requested by
Host: validacionenlinea2024.glitch.me
URL: https://validacionenlinea2024.glitch.me/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.3.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-3-183.compute-1.amazonaws.com
Software
/ Express
Resource Hash
b4895a696d8bd4479fd0d82fbb1d1e886f3b592024b366ec25513843f530b4f3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://validacionenlinea2024.glitch.me/

Response headers

cache-control
public, max-age=0
etag
W/"edd-192b6bcb368"
accept-ranges
bytes
content-length
3805
date
Fri, 13 Dec 2024 23:47:55 GMT
content-type
text/css; charset=UTF-8
x-powered-by
Express
last-modified
Wed, 23 Oct 2024 00:17:53 GMT
Resource: 222hotmail.jpg
Path: cdn.glitch.global/619bbf3f-0832-4238-90da-3c5dfc53bd19/
Size: 3 KB   x-fer: 3 KB   Type: Image
General
Full URL
https://cdn.glitch.global/619bbf3f-0832-4238-90da-3c5dfc53bd19/222hotmail.jpg?v=1714286364817
Requested by
Host: validacionenlinea2024.glitch.me
URL: https://validacionenlinea2024.glitch.me/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
981b4809872d27aa2e26bb1c78051a6ccfb4ba33a394c2ce68f2869feddfc413
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://validacionenlinea2024.glitch.me/

Response headers

etag
"110cd374d8c1e9ba5e1fede4c30e68cb"
age
796833
access-control-allow-methods
GET, HEAD, POST
x-cache
HIT, HIT
date
Fri, 13 Dec 2024 23:47:55 GMT
last-modified
Sun, 28 Apr 2024 06:39:26 GMT
x-served-by
cache-iad-kiad7000118-IAD, cache-mad22063-MAD
x-cache-hits
20, 0
content-type
image/jpeg
x-amz-id-2
Lb+ZtKjj06pS+LU9pYdGIHw20aiBhuKQeyl6OAraRQcrfw+2KCWc8DaA1NSfr/juMNAZNg8G3k9If8uuIiKIzG0El1NqmJGb5RIaSBHoeoU=
content-security-policy
script-src 'none'
cache-control
max-age=31536000
x-timer
S1734133675.163257,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
9KQA9WAX9W2Y6GXZ
accept-ranges
bytes
access-control-allow-origin
*
content-length
2651
server
AmazonS3
x-amz-server-side-encryption
AES256
Resource: /
Path: api.ipify.org/
Size: 22 B   x-fer: 317 B   Type: XHR
General
Full URL
https://api.ipify.org/?format=json
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.13.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b7ada52e65a3fa23548f3d43281bf99f08c0ce537b9edab5b78b53a266920ac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://validacionenlinea2024.glitch.me/

Response headers

cf-cache-status
DYNAMIC
cf-ray
8f19d78fbb1eecaa-MAD
access-control-allow-origin
*
server-timing
cfL4;desc="?proto=TCP&rtt=39975&min_rtt=39149&rtt_var=6980&sent=7&recv=11&lost=0&retrans=0&sent_bytes=4026&recv_bytes=2253&delivery_rate=106162&cwnd=253&unsent_bytes=0&cid=0b25b2740944e39f&ts=162&x=0"
content-length
22
date
Fri, 13 Dec 2024 23:47:55 GMT
content-type
application/json
vary
Origin
server
cloudflare
Resource: /
Path: ipinfo.io/
Size: 248 B   x-fer: 449 B   Type: XHR
General
Full URL
https://ipinfo.io/
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
01ec5c9d69ec9f7d289a115956794c66cd746cc49fc0763ed3a629895903bb4f
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://validacionenlinea2024.glitch.me/

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
via
1.1 google
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
date
Fri, 13 Dec 2024 23:47:55 GMT
x-xss-protection
1; mode=block
content-type
application/json; charset=utf-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
Resource: 22background.svg
Path: validacionenlinea2024.glitch.me/
Size: 155 B   x-fer: 155 B   Type: Image
General
Full URL
https://validacionenlinea2024.glitch.me/22background.svg
Requested by
Host: validacionenlinea2024.glitch.me
URL: https://validacionenlinea2024.glitch.me/estilo.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.201.3.183 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-3-183.compute-1.amazonaws.com
Software
/ Express
Resource Hash
1d5d3bdd75baf648b632d64c4172395fc4f3fc3e14db07f6a332821c5b75e3fe
Security Headers
Name Value
Content-Security-Policy default-src 'none'
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://validacionenlinea2024.glitch.me/estilo.css

Response headers

content-security-policy
default-src 'none'
content-length
155
date
Fri, 13 Dec 2024 23:47:55 GMT
content-type
text/html; charset=utf-8
x-powered-by
Express
x-content-type-options
nosniff
Resource: 22favicon.png
Path: cdn.glitch.global/619bbf3f-0832-4238-90da-3c5dfc53bd19/
Size: 20 KB   x-fer: 20 KB   Type: Other
General
Full URL
https://cdn.glitch.global/619bbf3f-0832-4238-90da-3c5dfc53bd19/22favicon.png?v=1714286509047
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a3af539ab5cc889b3faa5f8c0496fa8215d24e1fbdae96806bead302658d9f0
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://validacionenlinea2024.glitch.me/

Response headers

etag
"68e2c533ba339904634f5e9304f207ed"
age
3486805
access-control-allow-methods
GET, HEAD, POST
x-cache
HIT, HIT
date
Fri, 13 Dec 2024 23:47:55 GMT
last-modified
Sun, 28 Apr 2024 06:41:50 GMT
x-served-by
cache-iad-kiad7000141-IAD, cache-mad22063-MAD
x-cache-hits
188, 0
content-type
image/png
x-amz-id-2
WFzFh6rDBziIHI9ZI2WPiOQclda6EWywMu2xJ8OrUgWlqBIaD/Mac2OT+s6RIvyAT7WfkWhg/XR3M7szYImHPVBQPPl0PRjK
content-security-policy
script-src 'none'
cache-control
max-age=31536000
x-timer
S1734133676.512313,VS0,VE1
via
1.1 varnish, 1.1 varnish
x-amz-request-id
YC7501A28BTYD383
accept-ranges
bytes
access-control-allow-origin
*
content-length
20005
server
AmazonS3
x-amz-server-side-encryption
AES256

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Microsoft (Consumer)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

$ (function)
jQuery (function)
sender (function)

0 Cookies

3 Console Messages

Source: rendering | Level: warning | URL: https://validacionenlinea2024.glitch.me/ (Line 9)
Message: The key "minimun-sacale" is not recognized and ignored.

Source: recommendation | Level: verbose | URL: https://validacionenlinea2024.glitch.me/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Source: network | Level: error | URL: https://validacionenlinea2024.glitch.me/22background.svg
Message: Failed to load resource: the server responded with a status of 404 ()