bedecked-garrulous-quality.glitch.me Open in urlscan Pro
44.197.227.46 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bedecked-garrulous-quality.glitch.me/
Effective URL:
https://bedecked-garrulous-quality.glitch.me/wetransfer.com
Submission: On July 04 via automatic, source phishtank (July 4th 2024, 6:01:10 am UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 19 HTTP transactions. The main IP is 44.197.227.46, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bedecked-garrulous-quality.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time bedecked-garrulous-quality.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: WeTransfer (Online)

Domain & IP information

	IP Address	AS Autonomous System
3	44.197.227.46 44.197.227.46	14618 (AMAZON-AES) (AMAZON-AES)
8	2606:4700::68... 2606:4700::6812:791	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.68.36.8 51.68.36.8	16276 (OVH) (OVH)
1	2a04:4e42:200... 2a04:4e42:200::649	54113 (FASTLY) (FASTLY)
1 1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	151.101.193.91 151.101.193.91	54113 (FASTLY) (FASTLY)
1 1	99.86.4.38 99.86.4.38	16509 (AMAZON-02) (AMAZON-02)
1	18.66.102.85 18.66.102.85	16509 (AMAZON-02) (AMAZON-02)
19	7

3 44.197.227.46 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-227-46.compute-1.amazonaws.com

bedecked-garrulous-quality.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:791 (United States)

ASN13335 (CLOUDFLARENET, US)

storageapi.fleek.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.36.8 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3121917.ip-51-68-36.eu

i.gifer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cloud.webtype.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.91 (San Francisco, United States) 1 redirects

ASN54113 (FASTLY, US)

cloud.typenetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.38 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net

cdn.glitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.102.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-85.fra56.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	fleek.co storageapi.fleek.co — Cisco Umbrella Rank: 679288	174 KB
4	glitch.me bedecked-garrulous-quality.glitch.me cdn.glitch.me — Cisco Umbrella Rank: 226424	185 KB
2	typenetwork.com 1 redirects cloud.typenetwork.com — Cisco Umbrella Rank: 56503	2 KB
1	glitch.com 1 redirects cdn.glitch.com — Cisco Umbrella Rank: 231466	460 B
1	webtype.com 1 redirects cloud.webtype.com — Cisco Umbrella Rank: 120592	528 B
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 816	30 KB
1	gifer.com i.gifer.com — Cisco Umbrella Rank: 85171	45 KB
19	7

	Domain	Requested by
8	storageapi.fleek.co	bedecked-garrulous-quality.glitch.me storageapi.fleek.co
3	bedecked-garrulous-quality.glitch.me	bedecked-garrulous-quality.glitch.me
2	cloud.typenetwork.com	1 redirects bedecked-garrulous-quality.glitch.me
1	cdn.glitch.me	bedecked-garrulous-quality.glitch.me
1	cdn.glitch.com	1 redirects
1	cloud.webtype.com	1 redirects
1	code.jquery.com	bedecked-garrulous-quality.glitch.me
1	i.gifer.com	bedecked-garrulous-quality.glitch.me
19	8

This site contains links to these domains. Also see Links.

Domain
help.glitch.com
glitch.com

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
fleek.co Cloudflare Inc ECC CA-3	`2024-01-29` - `2024-12-31`	a year	crt.sh
gifer.com R10	`2024-06-27` - `2024-09-25`	3 months	crt.sh
*.jquery.com Sectigo ECC Domain Validation Secure Server CA	`2024-06-25` - `2025-06-25`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://bedecked-garrulous-quality.glitch.me/wetransfer.com
Frame ID: C9AF49FD841DB6C68310F5A2D649F6B6
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Well, you found a glitch.

Page URL History Show full URLs

http://bedecked-garrulous-quality.glitch.me/ HTTP 307
https://bedecked-garrulous-quality.glitch.me/ Page URL
https://bedecked-garrulous-quality.glitch.me/wetransfer.com Page URL

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

19
Requests

68 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

435 kB
Transfer

552 kB
Size

0
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://help.glitch.com/
Title: Help Center

Search URL Search Domain Scan URL

URL: https://glitch.com/
Title: Back to Glitch

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bedecked-garrulous-quality.glitch.me/ HTTP 307
https://bedecked-garrulous-quality.glitch.me/ Page URL
https://bedecked-garrulous-quality.glitch.me/wetransfer.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bedecked-garrulous-quality.glitch.me/ HTTP 307
https://bedecked-garrulous-quality.glitch.me/

Request Chain 15

https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP 301
https://cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP 301
https://cloud.typenetwork.com/projects/5027/fontface.css/

Request Chain 16

https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593 HTTP 301
https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response
bedecked-garrulous-quality.glitch.me/
Redirect Chain

http://bedecked-garrulous-quality.glitch.me/
https://bedecked-garrulous-quality.glitch.me/

10 KB
11 KB

484ms
234ms

Document
text/html

44.197.227.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bedecked-garrulous-quality.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.227.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-227-46.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 1f209adf9e9f87d3fae8def6089b9b6b6c865dbad4d26eb98ef502eef428a131

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 10687
content-type: text/html; charset=utf-8
date: Thu, 04 Jul 2024 06:01:05 GMT
etag: "b9f45e3f965519616fa998865894de8d"
last-modified: Wed, 31 May 2023 04:04:23 GMT
server: AmazonS3
x-amz-id-2: lSqgDfNEIXL8lfB5YJWT7c2cPUwS1zYTQ4u73eQ9tCSIa3wYIB6aCqxgs1yRlFCx3WEdb5WugZNNHDQMyf3eHxoTeaunJPzk9AURew6rUqI=
x-amz-request-id: Y0Y5WVMNGSAEZJSX
x-amz-server-side-encryption: AES256
x-amz-version-id: aUJ2F3yJE9xTVjJ3YZnrbCjr6VB_351T

Redirect headers

Location: https://bedecked-garrulous-quality.glitch.me/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 css.css
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/ 5 KB
2 KB 777ms
676ms Stylesheet
text/css 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/css.css

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cc758d6f4ae4c42ad18a2d731abecc064b2c1c4676ef852a4a70f640983c9ae

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 11 Sep 2022 10:16:53 GMT
server: cloudflare
x-amz-request-id: 17DCB6DFDE150594
etag: W/"bafybeih6kspinnq23twtcjtiib6chb3n5cu2f7d4bkwlajaggla4nupnzq"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89dce61199d18fe2-FRA
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 checkbox.css
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/ 1 KB
645 B 869ms
768ms Stylesheet
text/css 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/checkbox.css

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ab96691d78536247ca2ab64aac5af744cf699926fa30d393ae859c9fa803b42c

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 11 Sep 2022 10:16:53 GMT
server: cloudflare
x-amz-request-id: 17DEDD21EA4BDB68
etag: W/"bafybeibgvokgwybajizqfuuzu6gipiom5pzaffhcexlefhw3bkehtidaq4"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89dce61199cd8fe2-FRA
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 all.css
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/ 71 KB
13 KB 821ms
720ms Stylesheet
text/css 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/all.css

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

530cb4c29b444dc89dd73a4e0812f803be98d3448a48edca8aafdbc55a0b97eb

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Sun, 11 Sep 2022 10:16:54 GMT
server: cloudflare
x-amz-request-id: 17DCB6E02DFEDC34
etag: W/"bafybeifn25ou76enaoedkhqvxjgm7tpftkec5jjgdlvaxekmk26qx353qa"
vary: Origin, Accept-Encoding
content-type: text/css
cache-control: public, max-age=14400
cf-ray: 89dce61199d08fe2-FRA
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 welogo.png
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/wetransfer/ 8 KB
8 KB 822ms
721ms Image
image/png 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/wetransfer/welogo.png

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fde8de58e658a62c12f0bda8f732e6af9c6667ca19b9dca5c34f269fbf05758

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: REVALIDATED
last-modified: Sun, 11 Sep 2022 10:23:25 GMT
server: cloudflare
x-amz-request-id: 17DCB6DEA2FD4F7E
etag: "bafybeid3gy7inzncltgg45h3m6traikbbn6moh7sy37pdza7abyff5ofie"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89dce61199d58fe2-FRA
content-length: 7753
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 rfq.jpg
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/ 19 KB
19 KB 822ms
721ms Image
image/jpeg 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/rfq.jpg

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9603ccd69cc60be665a640e101659e107d652589841ba9a5f6108a2a617fad3

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: REVALIDATED
x-amz-request-id: 17DCB6DECCBAC8E1
content-length: 18979
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sun, 11 Sep 2022 12:00:49 GMT
server: cloudflare
etag: "bafybeig6e55cdosh3qwhfhzh7hp5l4egsxw3u5euf5w5gzcaieuaemx4oe"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89dce61199d38fe2-FRA
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 pp.jpg
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/ 93 KB
93 KB 772ms
680ms Image
image/jpeg 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/pp.jpg

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b53544d900cc956f0389cf888fd0c6d7b86a824e80a1ed93e112eb82086e006a

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: REVALIDATED
x-amz-request-id: 17DCB6DF06A2AEF7
content-length: 94816
x-xss-protection: 1; mode=block
cf-bgj: h2pri
last-modified: Sun, 11 Sep 2022 12:00:52 GMT
server: cloudflare
etag: "bafybeichuxe67bcmzt4tbqah23m6tr3g3qnfmvjfopo3uugzsge74nnsny"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89dce61199d48fe2-FRA
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 specs.jpg
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/ 31 KB
31 KB 808ms
807ms Image
image/jpeg 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/specs.jpg

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: MISS
last-modified: Sun, 11 Sep 2022 12:00:51 GMT
server: cloudflare
x-amz-request-id: 17DEED288EF2754B
etag: "bafybeidb4a52gy7rdhhesqhbzuxa5cpxhvubjwyjiiywqxmujn5oiovz44"
vary: Origin, Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89dce6121a5b8fe2-FRA
content-length: 31537
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 logo.png
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/wetransfer/ 8 KB
8 KB 689ms
688ms Image
image/png 2606:4700::6812:791
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/wetransfer/logo.png

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:791 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72d11555972a6f3b75c19057d0fb0013ea2bb592b6a011e79ed87afcbd2bbfe6

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
content-security-policy: block-all-mixed-content
cf-cache-status: REVALIDATED
last-modified: Sun, 11 Sep 2022 10:23:26 GMT
server: cloudflare
x-amz-request-id: 17DD5489E8F63D21
etag: "bafybeidq2ghtupimcwgmsjjhswo6sls7tazeoh7tkdfn2se6lemvcu2ive"
vary: Origin, Accept-Encoding
content-type: image/png
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 89dce6121a5d8fe2-FRA
content-length: 8007
x-xss-protection: 1; mode=block
expires: Thu, 04 Jul 2024 10:01:06 GMT

GET
H2 200 b4d657e7ef262b88eb5f7ac021edda87.gif
i.gifer.com/origin/b4/ 44 KB
45 KB 159ms
49ms Image
image/gif 51.68.36.8
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.gifer.com/origin/b4/b4d657e7ef262b88eb5f7ac021edda87.gif

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.68.36.8 , United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ns3121917.ip-51-68-36.eu

Software

nginx /

Resource Hash

ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:05 GMT
strict-transport-security: max-age=604800
last-modified: Wed, 22 Sep 2021 23:09:25 GMT
server: nginx
etag: "614bb7a5-b15c"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 45404
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 153ms
49ms Script
application/javascript 2a04:4e42:200::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/
Origin: https://bedecked-garrulous-quality.glitch.me
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1477437
x-cache: HIT, HIT
content-length: 30875
x-served-by: cache-lga21931-LGA, cache-mxp6982-MXP
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1720072866.549795,VS0,VE0
etag: W/"28feccc0-15d9d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 19, 788736

GET fa-regular-400.woff2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ 0
0

GET fa-solid-900.woff2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ 0
0

GET
H2 404 Primary Request wetransfer.com Show response
bedecked-garrulous-quality.glitch.me/ 4 KB
4 KB 147ms
147ms Document
text/html 44.197.227.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bedecked-garrulous-quality.glitch.me/wetransfer.com
Requested by: Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.227.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-227-46.compute-1.amazonaws.com
Software: /
Resource Hash: 2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bedecked-garrulous-quality.glitch.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

cache-control: max-age=0
content-length: 3674
date: Thu, 04 Jul 2024 06:01:06 GMT

GET fa-solid-900.woff
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ 0
0

GET fa-regular-400.woff
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ 0
0

GET
H2

200

/
cloud.typenetwork.com/projects/5027/fontface.css/
Redirect Chain

https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
https://cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css
https://cloud.typenetwork.com/projects/5027/fontface.css/

889 B
2 KB

40ms
39ms

Stylesheet
text/css

151.101.193.91
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cloud.typenetwork.com/projects/5027/fontface.css/

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/wetransfer.com

Protocol

Server

151.101.193.91 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6fbbd2d1d1f778b41193cd8aaae3c6dca6a6071d429d1f87a005370e958511e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; includeSubDomains; preload
date: Thu, 04 Jul 2024 06:01:06 GMT
via: 1.1 varnish
x-amz-request-id: tx00000b83fbb7a5f5eab17-00653a8971-7a12c411-nyc3c
age: 181865
x-envoy-upstream-healthchecked-cluster
x-cache: HIT
x-amz-meta-surrogate-control: max-age=604800
content-length: 889
x-served-by: cache-fra-etou8220033-FRA
last-modified: Thu, 06 Apr 2023 18:24:07 GMT
x-timer: S1720072867.767501,VS0,VE0
x-amz-meta-tn-allowed-domains: hyperweb.space localhost hw-dev cdnjs.cloudflare.com hyperdev.com hyperdev.space hyper.dev hyperdev.localhost hyper.development hyperdev.development gomix.com gomix.me gomix.development glitch.com glitch.me glitch.development manuscript.com
etag: "c1f564683671e119787de2d62eaa0be6"
x-amz-meta-surrogate-keys: license-248733 license-248734 license-248735 projectlicense-26551 projectlicense-26552 projectlicense-26553 project-5027
x-hw: 1698335089.dop271.fr8.shc,1698335089.dop271.fr8.t,1698335089.cds214.fr8.p
content-type: text/css
access-control-max-age: 0
access-control-allow-methods: GET
cache-control: max-age=600
x-rgw-object-type: Normal
access-control-allow-origin: *
accept-ranges: bytes
x-cache-hits: 7

Redirect headers

date: Thu, 04 Jul 2024 06:01:06 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 176340
x-cache: HIT, HIT
content-length: 0
x-served-by: cache-ewr18138-EWR, cache-fra-etou8220033-FRA
referrer-policy: same-origin
server: cloudflare
cross-origin-opener-policy: same-origin
x-timer: S1720072867.723552,VS0,VE0
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mo5IapxKDlUHkQ10qxkZkj3AVYopOZYkZwWkEYITmiJZVrg93Olps3qhseOHOU8Pc6EI4jYu1XY5Mbuu%2B8plx0ks4fyjRkEenI4zm4JsgowkgTRRBQCPgCnk0%2BzOZtSm4HkDGYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: ../projects/5027/fontface.css/
access-control-allow-origin: *
cache-control: max-age=28800
vary: origin
accept-ranges: bytes
cf-ray: 89cc14ef4fdb8cdc-EWR
x-cache-hits: 219, 4

GET
H/1.1

200
OK

d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593
https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png

166 KB
167 KB

136ms
44ms

Image
image/png

18.66.102.85
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png

Requested by

Host: bedecked-garrulous-quality.glitch.me
URL: https://bedecked-garrulous-quality.glitch.me/wetransfer.com

Protocol

HTTP/1.1

Server

18.66.102.85 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-102-85.fra56.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://bedecked-garrulous-quality.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Date: Thu, 11 Jan 2024 01:21:19 GMT
Via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Thu, 23 Jul 2020 05:20:52 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-P2
Age: 15136788
ETag: "a002b1fa4cf220520bebb230b1b68a80"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 170377
X-Amz-Cf-Id: KQiAqwmqis-nbr8d0AEZ4T3U-GkfyJ2o2pEpvokleHAFe6YoD14CUg==

Redirect headers

Date: Thu, 04 Jul 2024 01:55:22 GMT
Via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 14745
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: GhEcG_83Ub_mDg9z7eB0KsfdDsAiqRJ7bvwu4gXz994PpvSOMJtEOQ==

GET
H2 404 favicon.ico
bedecked-garrulous-quality.glitch.me/ 4 KB
4 KB 156ms
156ms Other
text/html 44.197.227.46
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bedecked-garrulous-quality.glitch.me/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.227.46 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-227-46.compute-1.amazonaws.com
Software: /
Resource Hash: 2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://bedecked-garrulous-quality.glitch.me/wetransfer.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 04 Jul 2024 06:01:06 GMT
cache-control: max-age=0
content-length: 3674

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: storageapi.fleek.co
URL: https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-regular-400.woff2

Domain: storageapi.fleek.co
URL: https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff2

Domain: storageapi.fleek.co
URL: https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff

Domain: storageapi.fleek.co
URL: https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-regular-400.woff

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: WeTransfer (Online)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://bedecked-garrulous-quality.glitch.me/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://bedecked-garrulous-quality.glitch.me/wetransfer.com Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://bedecked-garrulous-quality.glitch.me/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bedecked-garrulous-quality.glitch.me
cdn.glitch.com
cdn.glitch.me
cloud.typenetwork.com
cloud.webtype.com
code.jquery.com
i.gifer.com
storageapi.fleek.co
storageapi.fleek.co
151.101.193.91
18.66.102.85
188.114.97.3
2606:4700::6812:791
2a04:4e42:200::649
44.197.227.46
51.68.36.8
99.86.4.38
1f209adf9e9f87d3fae8def6089b9b6b6c865dbad4d26eb98ef502eef428a131
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c
3cc758d6f4ae4c42ad18a2d731abecc064b2c1c4676ef852a4a70f640983c9ae
530cb4c29b444dc89dd73a4e0812f803be98d3448a48edca8aafdbc55a0b97eb
72d11555972a6f3b75c19057d0fb0013ea2bb592b6a011e79ed87afcbd2bbfe6
9fde8de58e658a62c12f0bda8f732e6af9c6667ca19b9dca5c34f269fbf05758
ab96691d78536247ca2ab64aac5af744cf699926fa30d393ae859c9fa803b42c
b53544d900cc956f0389cf888fd0c6d7b86a824e80a1ed93e112eb82086e006a
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
f6fbbd2d1d1f778b41193cd8aaae3c6dca6a6071d429d1f87a005370e958511e
f9603ccd69cc60be665a640e101659e107d652589841ba9a5f6108a2a617fad3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

bedecked-garrulous-quality.glitch.me Open in urlscan Pro 44.197.227.46 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

19 Requests

68 %HTTPS

25 %IPv6

7 Domains

8 Subdomains

7 IPs

3 Countries

435 kBTransfer

552 kBSize

0 Cookies

2 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

3 Console Messages

Indicators

bedecked-garrulous-quality.glitch.me Open in urlscan Pro
44.197.227.46 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

68 %
HTTPS

25 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

435 kB
Transfer

552 kB
Size

0
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!