woolen-telling-leopon.glitch.me Open in urlscan Pro
54.224.168.88 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://woolen-telling-leopon.glitch.me/index2.html
Effective URL:
https://woolen-telling-leopon.glitch.me/index2.html
Submission: On June 30 via api (June 30th 2024, 3:13:33 am UTC) from US — Scanned from DE

Summary HTTP 19 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 19 HTTP transactions. The main IP is 54.224.168.88, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is woolen-telling-leopon.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time woolen-telling-leopon.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Frontier (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1	54.224.168.88 54.224.168.88	14618 (AMAZON-AES) (AMAZON-AES)
6	108.181.20.37 108.181.20.37	40676 (AS40676) (AS40676)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	199.224.64.214 199.224.64.214	3593 (FRONTIER-...) (FRONTIER-EPIX)
19	5

1 54.224.168.88 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-224-168-88.compute-1.amazonaws.com

woolen-telling-leopon.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.181.20.37 (Los Angeles, United States)

ASN40676 (AS40676, US)

files.catbox.moe	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 199.224.64.214 (Dallas, United States)

ASN3593 (FRONTIER-EPIX, US)
PTR: login.dlls.pa.frontiernet.net

login.frontier.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	catbox.moe files.catbox.moe — Cisco Umbrella Rank: 160519	31 KB
2	frontier.com login.frontier.com — Cisco Umbrella Rank: 668125	2 KB
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2418	166 B
1	glitch.me woolen-telling-leopon.glitch.me	143 KB
19	4

	Domain	Requested by
6	files.catbox.moe	woolen-telling-leopon.glitch.me files.catbox.moe
2	login.frontier.com
1	api.ipify.org	woolen-telling-leopon.glitch.me
1	woolen-telling-leopon.glitch.me
19	4

This site contains no links.

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
*.catbox.moe R3	`2024-05-29` - `2024-08-27`	3 months	crt.sh
ipify.org GTS CA 1P5	`2024-05-19` - `2024-08-17`	3 months	crt.sh
*.frontier.com Entrust Certification Authority - L1K	`2023-06-20` - `2024-07-13`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://woolen-telling-leopon.glitch.me/index2.html
Frame ID: 7574A69E142BEE97C87A32DBC27AECCF
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Frontier Mail Login

Page URL History Show full URLs

http://woolen-telling-leopon.glitch.me/index2.html HTTP 307
https://woolen-telling-leopon.glitch.me/index2.html Page URL

Page Statistics

19
Requests

53 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

176 kB
Transfer

385 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://woolen-telling-leopon.glitch.me/index2.html HTTP 307
https://woolen-telling-leopon.glitch.me/index2.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request index2.html Show response
woolen-telling-leopon.glitch.me/
Redirect Chain

http://woolen-telling-leopon.glitch.me/index2.html
https://woolen-telling-leopon.glitch.me/index2.html

142 KB
143 KB

489ms
216ms

Document
text/html

54.224.168.88
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://woolen-telling-leopon.glitch.me/index2.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.224.168.88 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-224-168-88.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5749a0e82c27773a1c7ef96a06cff14c093389e6e5346c198168530d20ba3b3

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 145748
content-type: text/html; charset=utf-8
date: Sun, 30 Jun 2024 03:13:26 GMT
etag: "3313e8e70be5ba8486e42a24562748d4"
last-modified: Wed, 01 May 2024 03:46:13 GMT
server: AmazonS3
x-amz-id-2: eexwpzrvvaBxuxZgP8e6D4OcdU0szUfmPE6/Owl/M3f6LKXrSmZSP78i36OliDrHQRUvcBUjtzs=
x-amz-request-id: JXV2WDZDV0YA3PKM
x-amz-server-side-encryption: AES256
x-amz-version-id: bVgSlZ7sLKwQrwY7fggNrJ_g548Q4GYc

Redirect headers

Location: https://woolen-telling-leopon.glitch.me/index2.html
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 9f4xrp.css
files.catbox.moe/ 119 KB
21 KB 822ms
260ms Stylesheet
text/css 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/9f4xrp.css

Requested by

Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

0a4f1c0678cd2a27ab20fa7efa25f37566d3fb652bd892621fb1deaa103c0119

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 16:36:18 GMT
server: nginx
content-encoding: gzip
etag: W/"65d77802-1da75"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *

GET
H2 200 2ep6wt.css
files.catbox.moe/ 23 KB
6 KB 820ms
258ms Stylesheet
text/css 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/2ep6wt.css

Requested by

Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Wed, 28 Feb 2024 10:01:26 GMT
server: nginx
content-encoding: gzip
etag: W/"65df0476-5cbb"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *

GET
H2 200 05qpu8.css
files.catbox.moe/ 5 KB
949 B 687ms
259ms Stylesheet
text/css 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/05qpu8.css

Requested by

Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

e3169af49b7168dac89aa10b6e0493ddd4fd5b95118578d51e86930a5cb89690

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 16:39:14 GMT
server: nginx
content-encoding: gzip
etag: W/"65d778b2-121c"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *

GET
H2 200 9vias1.css
files.catbox.moe/ 4 KB
2 KB 686ms
259ms Stylesheet
text/css 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/9vias1.css

Requested by

Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

a88c997815e64df95cd98c340c54d773e79795d366f265e5ed436429227520a4

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 16:36:17 GMT
server: nginx
content-encoding: gzip
etag: W/"65d77801-f00"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *

GET
H2 200 sir4zv.css
files.catbox.moe/ 293 B
641 B 687ms
259ms Stylesheet
text/css 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/sir4zv.css

Requested by

Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

48725a65fda90b2073c17025dee946f69c9ba9a443a58f0f339e82945f2ccc5a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 16:39:14 GMT
server: nginx
etag: "65d778b2-125"
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
accept-ranges: bytes
content-length: 293

GET
H2 200 ru69bf.css
files.catbox.moe/ 4 KB
1 KB 686ms
259ms Stylesheet
text/css 108.181.20.37
AS40676

General

Check archive.org

Show headers Download Go to

Full URL

https://files.catbox.moe/ru69bf.css

Requested by

Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

108.181.20.37 Los Angeles, United States, ASN40676 (AS40676, US),

Reverse DNS

Software

nginx /

Resource Hash

90347f17d0a98b959d30b8803a1ccdeee8af9d60c7105f45562b8337ea444bb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
content-security-policy: default-src 'self' https://files.catbox.moe; style-src https://files.catbox.moe 'unsafe-inline'; img-src 'self' data:; font-src 'self'; media-src 'self'; object-src 'self';
x-content-type-options: nosniff
last-modified: Thu, 22 Feb 2024 16:36:17 GMT
server: nginx
content-encoding: gzip
etag: W/"65d77801-ea4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *

GET
DATA 200
OK truncated
/ 42 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2b1209efca8c946f91cb79ef1daee82cf8127fa7dda8ae5b9ecb05f1ce3b0a05

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 42 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 08840c50d34bed078820ea796b47fb3bf3d9b69fbaf24c0ad23b380442013508

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 / Show response
api.ipify.org/ 31 B
166 B 182ms
114ms Script
application/javascript 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=jsonp&callback=getIP
Requested by: Host: woolen-telling-leopon.glitch.me
URL: https://woolen-telling-leopon.glitch.me/index2.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 84fba3dc5612b0f15330f1b4f267e7cc92efb498dc11d609f9092191f9396cc4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 30 Jun 2024 03:13:27 GMT
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 89bafb025bedbbad-FRA
content-length: 31
vary: Origin
content-type: application/javascript

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d21ec90f5fefe07186ca7a2fa307effbdd39b405e84c66b6be9c35e049c4ed2b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET PPObjectSans-Regular.woff2
files.catbox.moe/PPObjectSansRegular/ 0
0

GET PPObjectSans-Bold.woff2
files.catbox.moe/PPObjectSansBold/ 0
0

GET fontawesome-webfont.woff2
files.catbox.moe/fonts/ 0
0

GET PPObjectSans-Regular.woff
files.catbox.moe/PPObjectSansRegular/ 0
0

GET fontawesome-webfont.woff
files.catbox.moe/fonts/ 0
0

GET PPObjectSans-Bold.woff
files.catbox.moe/PPObjectSansBold/ 0
0

GET PPObjectSans-Regular.ttf
files.catbox.moe/PPObjectSansRegular/ 0
0

GET fontawesome-webfont.ttf
files.catbox.moe/fonts/ 0
0

GET PPObjectSans-Bold.ttf
files.catbox.moe/PPObjectSansBold/ 0
0

GET
H/1.1 200
OK favicon.svg
login.frontier.com/ftr-sys-theme/img/ 1 KB
2 KB 946ms
127ms Other
image/svg+xml 199.224.64.214
FRONTIER-EPIX

General

Check archive.org

Show headers Download Go to

Full URL

https://login.frontier.com/ftr-sys-theme/img/favicon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.224.64.214 Dallas, United States, ASN3593 (FRONTIER-EPIX, US),

Reverse DNS

Software

Apache /

Resource Hash

789d31b318ee1762a7ed926a52a4f57099365d126e2ce2774f531ad035bbfe98

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 03:13:29 GMT
Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Last-Modified: Thu, 28 Apr 2022 20:59:05 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: none
ETag: "526-5ddbd3248019d"
Vary: SSLProxy
X-Frame-Options: sameorigin
Content-Type: image/svg+xml
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1318

GET
H/1.1 200
OK favicon.svg
login.frontier.com/ftr-sys-theme/img/ 1 KB
0 0ms
0ms Other
image/svg+xml 199.224.64.214
FRONTIER-EPIX

General

Check archive.org

Show headers Download Go to

Full URL

https://login.frontier.com/ftr-sys-theme/img/favicon.svg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

199.224.64.214 Dallas, United States, ASN3593 (FRONTIER-EPIX, US),

Reverse DNS

Software

Apache /

Resource Hash

789d31b318ee1762a7ed926a52a4f57099365d126e2ce2774f531ad035bbfe98

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://woolen-telling-leopon.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Sun, 30 Jun 2024 03:13:29 GMT
Content-Security-Policy: frame-ancestors 'self'
X-Content-Type-Options: nosniff
Last-Modified: Thu, 28 Apr 2022 20:59:05 GMT
Server: Apache
X-Permitted-Cross-Domain-Policies: none
ETag: "526-5ddbd3248019d"
Vary: SSLProxy
X-Frame-Options: sameorigin
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 1318

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: files.catbox.moe
URL: https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.woff2

Domain: files.catbox.moe
URL: https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.woff2

Domain: files.catbox.moe
URL: https://files.catbox.moe/fonts/fontawesome-webfont.woff2?v=4.3.0

Domain: files.catbox.moe
URL: https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.woff

Domain: files.catbox.moe
URL: https://files.catbox.moe/fonts/fontawesome-webfont.woff?v=4.3.0

Domain: files.catbox.moe
URL: https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.woff

Domain: files.catbox.moe
URL: https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.ttf

Domain: files.catbox.moe
URL: https://files.catbox.moe/fonts/fontawesome-webfont.ttf?v=4.3.0

Domain: files.catbox.moe
URL: https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.ttf

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Frontier (Telecommunication)

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.woff2' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/fonts/fontawesome-webfont.woff2?v=4.3.0' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/fonts/fontawesome-webfont.woff2?v=4.3.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.woff2' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.woff2 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.woff' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/fonts/fontawesome-webfont.woff?v=4.3.0' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/fonts/fontawesome-webfont.woff?v=4.3.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.woff' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.woff Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.ttf' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/PPObjectSansRegular/PPObjectSans-Regular.ttf Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/fonts/fontawesome-webfont.ttf?v=4.3.0' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/fonts/fontawesome-webfont.ttf?v=4.3.0 Message: Failed to load resource: net::ERR_FAILED
javascript	error	URL: https://woolen-telling-leopon.glitch.me/index2.html Message: Access to font at 'https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.ttf' from origin 'https://woolen-telling-leopon.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://files.catbox.moe/PPObjectSansBold/PPObjectSans-Bold.ttf Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
files.catbox.moe
login.frontier.com
woolen-telling-leopon.glitch.me
files.catbox.moe
104.26.12.205
108.181.20.37
199.224.64.214
54.224.168.88
08840c50d34bed078820ea796b47fb3bf3d9b69fbaf24c0ad23b380442013508
0a4f1c0678cd2a27ab20fa7efa25f37566d3fb652bd892621fb1deaa103c0119
2b1209efca8c946f91cb79ef1daee82cf8127fa7dda8ae5b9ecb05f1ce3b0a05
48725a65fda90b2073c17025dee946f69c9ba9a443a58f0f339e82945f2ccc5a
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
789d31b318ee1762a7ed926a52a4f57099365d126e2ce2774f531ad035bbfe98
84fba3dc5612b0f15330f1b4f267e7cc92efb498dc11d609f9092191f9396cc4
90347f17d0a98b959d30b8803a1ccdeee8af9d60c7105f45562b8337ea444bb7
a88c997815e64df95cd98c340c54d773e79795d366f265e5ed436429227520a4
d21ec90f5fefe07186ca7a2fa307effbdd39b405e84c66b6be9c35e049c4ed2b
d5749a0e82c27773a1c7ef96a06cff14c093389e6e5346c198168530d20ba3b3
e3169af49b7168dac89aa10b6e0493ddd4fd5b95118578d51e86930a5cb89690

woolen-telling-leopon.glitch.me Open in urlscan Pro 54.224.168.88 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

19 Requests

53 %HTTPS

0 %IPv6

4 Domains

4 Subdomains

5 IPs

2 Countries

176 kBTransfer

385 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

5 JavaScript Global Variables

0 Cookies

18 Console Messages

Indicators

woolen-telling-leopon.glitch.me Open in urlscan Pro
54.224.168.88 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

53 %
HTTPS

0 %
IPv6

4
Domains

4
Subdomains

5
IPs

2
Countries

176 kB
Transfer

385 kB
Size

0
Cookies

19 HTTP transactions
3 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!