bedecked-garrulous-quality.glitch.me
Open in
urlscan Pro
44.197.227.46
Malicious Activity!
Public Scan
Effective URL: https://bedecked-garrulous-quality.glitch.me/wetransfer.com
Submission: On July 04 via automatic, source phishtank — Scanned from DE
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.
This is the only time bedecked-garrulous-quality.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 44.197.227.46 44.197.227.46 | 14618 (AMAZON-AES) (AMAZON-AES) | |
8 | 2606:4700::68... 2606:4700::6812:791 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 51.68.36.8 51.68.36.8 | 16276 (OVH) (OVH) | |
1 | 2a04:4e42:200... 2a04:4e42:200::649 | 54113 (FASTLY) (FASTLY) | |
1 1 | 188.114.97.3 188.114.97.3 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 151.101.193.91 151.101.193.91 | 54113 (FASTLY) (FASTLY) | |
1 1 | 99.86.4.38 99.86.4.38 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 18.66.102.85 18.66.102.85 | 16509 (AMAZON-02) (AMAZON-02) | |
19 | 7 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-227-46.compute-1.amazonaws.com
bedecked-garrulous-quality.glitch.me |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-38.fra6.r.cloudfront.net
cdn.glitch.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-102-85.fra56.r.cloudfront.net
cdn.glitch.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
fleek.co
storageapi.fleek.co — Cisco Umbrella Rank: 679288 |
174 KB |
4 |
glitch.me
bedecked-garrulous-quality.glitch.me cdn.glitch.me — Cisco Umbrella Rank: 226424 |
185 KB |
2 |
typenetwork.com
1 redirects
cloud.typenetwork.com — Cisco Umbrella Rank: 56503 |
2 KB |
1 |
glitch.com
1 redirects
cdn.glitch.com — Cisco Umbrella Rank: 231466 |
460 B |
1 |
webtype.com
1 redirects
cloud.webtype.com — Cisco Umbrella Rank: 120592 |
528 B |
1 |
jquery.com
code.jquery.com — Cisco Umbrella Rank: 816 |
30 KB |
1 |
gifer.com
i.gifer.com — Cisco Umbrella Rank: 85171 |
45 KB |
19 | 7 |
Domain | Requested by | |
---|---|---|
8 | storageapi.fleek.co |
bedecked-garrulous-quality.glitch.me
storageapi.fleek.co |
3 | bedecked-garrulous-quality.glitch.me |
bedecked-garrulous-quality.glitch.me
|
2 | cloud.typenetwork.com |
1 redirects
bedecked-garrulous-quality.glitch.me
|
1 | cdn.glitch.me |
bedecked-garrulous-quality.glitch.me
|
1 | cdn.glitch.com | 1 redirects |
1 | cloud.webtype.com | 1 redirects |
1 | code.jquery.com |
bedecked-garrulous-quality.glitch.me
|
1 | i.gifer.com |
bedecked-garrulous-quality.glitch.me
|
19 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
help.glitch.com |
glitch.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
glitch.com Amazon RSA 2048 M03 |
2023-12-04 - 2025-01-01 |
a year | crt.sh |
fleek.co Cloudflare Inc ECC CA-3 |
2024-01-29 - 2024-12-31 |
a year | crt.sh |
gifer.com R10 |
2024-06-27 - 2024-09-25 |
3 months | crt.sh |
*.jquery.com Sectigo ECC Domain Validation Secure Server CA |
2024-06-25 - 2025-06-25 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://bedecked-garrulous-quality.glitch.me/wetransfer.com
Frame ID: C9AF49FD841DB6C68310F5A2D649F6B6
Requests: 19 HTTP requests in this frame
Screenshot
Page Title
Well, you found a glitch.Page URL History Show full URLs
-
http://bedecked-garrulous-quality.glitch.me/
HTTP 307
https://bedecked-garrulous-quality.glitch.me/ Page URL
- https://bedecked-garrulous-quality.glitch.me/wetransfer.com Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Help Center
Search URL Search Domain Scan URL
Title: Back to Glitch
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bedecked-garrulous-quality.glitch.me/
HTTP 307
https://bedecked-garrulous-quality.glitch.me/ Page URL
- https://bedecked-garrulous-quality.glitch.me/wetransfer.com Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://bedecked-garrulous-quality.glitch.me/ HTTP 307
- https://bedecked-garrulous-quality.glitch.me/
- https://cloud.webtype.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP 301
- https://cloud.typenetwork.com/css/3a8e55c6-b1f3-4659-99eb-125ae72bd084.css HTTP 301
- https://cloud.typenetwork.com/projects/5027/fontface.css/
- https://cdn.glitch.com/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png?v=1595481653593 HTTP 301
- https://cdn.glitch.me/d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
/
bedecked-garrulous-quality.glitch.me/ Redirect Chain
|
10 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css.css
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/ |
5 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
checkbox.css
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/ |
1 KB 645 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/css/ |
71 KB 13 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
welogo.png
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/wetransfer/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rfq.jpg
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/ |
19 KB 19 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pp.jpg
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/ |
93 KB 93 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
specs.jpg
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/images/ |
31 KB 31 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.png
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/wetransfer/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b4d657e7ef262b88eb5f7ac021edda87.gif
i.gifer.com/origin/b4/ |
44 KB 45 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.6.0.min.js
code.jquery.com/ |
87 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fa-regular-400.woff2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fa-solid-900.woff2
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
wetransfer.com
bedecked-garrulous-quality.glitch.me/ |
4 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fa-solid-900.woff
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
fa-regular-400.woff
storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cloud.typenetwork.com/projects/5027/fontface.css/ Redirect Chain
|
889 B 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
d7f4f279-e13b-4330-8422-00b2d9211424%2FGlitch-Error-Rainbow-Mug-hires.png
cdn.glitch.me/ Redirect Chain
|
166 KB 167 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
favicon.ico
bedecked-garrulous-quality.glitch.me/ |
4 KB 4 KB |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- storageapi.fleek.co
- URL
- https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-regular-400.woff2
- Domain
- storageapi.fleek.co
- URL
- https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff2
- Domain
- storageapi.fleek.co
- URL
- https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-solid-900.woff
- Domain
- storageapi.fleek.co
- URL
- https://storageapi.fleek.co/f1c6f5d4-e2a2-4106-910e-774322bb8cec-bucket/webfonts/fa-regular-400.woff
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
undefined| event object| fence object| sharedStorage function| requestStorageAccess function| loginClicked0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bedecked-garrulous-quality.glitch.me
cdn.glitch.com
cdn.glitch.me
cloud.typenetwork.com
cloud.webtype.com
code.jquery.com
i.gifer.com
storageapi.fleek.co
storageapi.fleek.co
151.101.193.91
18.66.102.85
188.114.97.3
2606:4700::6812:791
2a04:4e42:200::649
44.197.227.46
51.68.36.8
99.86.4.38
1f209adf9e9f87d3fae8def6089b9b6b6c865dbad4d26eb98ef502eef428a131
22906a0f005949f275550013b9308673372a120f6c5e49145ac520658114f158
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c
3cc758d6f4ae4c42ad18a2d731abecc064b2c1c4676ef852a4a70f640983c9ae
530cb4c29b444dc89dd73a4e0812f803be98d3448a48edca8aafdbc55a0b97eb
72d11555972a6f3b75c19057d0fb0013ea2bb592b6a011e79ed87afcbd2bbfe6
9fde8de58e658a62c12f0bda8f732e6af9c6667ca19b9dca5c34f269fbf05758
ab96691d78536247ca2ab64aac5af744cf699926fa30d393ae859c9fa803b42c
b53544d900cc956f0389cf888fd0c6d7b86a824e80a1ed93e112eb82086e006a
ba67f5cbb26d1c913527475815f0c8d4c4519b092a7544f015cc021360240275
f6fbbd2d1d1f778b41193cd8aaae3c6dca6a6071d429d1f87a005370e958511e
f9603ccd69cc60be665a640e101659e107d652589841ba9a5f6108a2a617fad3
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e