nigecd.glitch.me Open in urlscan Pro
34.197.3.188 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://ht.ly/Dicg50G6qtQ
Effective URL:
https://nigecd.glitch.me/
Submission: On September 08 via manual (September 8th 2021, 5:34:44 pm UTC) from US — Scanned from DE

Summary HTTP 16 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 16 HTTP transactions. The main IP is 34.197.3.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is nigecd.glitch.me.
TLS certificate: Issued by Amazon on January 18th 2021. Valid for: a year.

This is the only time nigecd.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Optimum (Telecommunication)

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.67.57.56 54.67.57.56	16509 (AMAZON-02) (AMAZON-02)
1	162.241.175.67 162.241.175.67	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	34.197.3.188 34.197.3.188	14618 (AMAZON-AES) (AMAZON-AES)
3 15	167.206.237.230 167.206.237.230	6128 (CABLE-NET-1) (CABLE-NET-1)
1	2a00:1450:400... 2a00:1450:4007:80c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4007:819::2003	15169 (GOOGLE) (GOOGLE)
16	5

1 54.67.57.56 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ow.ly

ht.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.241.175.67 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-175-67.unifiedlayer.com

crazysocks.life	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.197.3.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-3-188.compute-1.amazonaws.com

nigecd.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 167.206.237.230 (United States) 3 redirects

ASN6128 (CABLE-NET-1, US)
PTR: optimum.net

www.optimum.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4007:819::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	optimum.net 3 redirects www.optimum.net	447 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com	781 B
1	glitch.me nigecd.glitch.me	50 KB
1	crazysocks.life crazysocks.life	476 B
1	ht.ly 1 redirects ht.ly	376 B
16	6

	Domain	Requested by
15	www.optimum.net	3 redirects nigecd.glitch.me www.optimum.net
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	crazysocks.life
1	nigecd.glitch.me
1	crazysocks.life
1	ht.ly	1 redirects
16	6

This site contains links to these domains. Also see Links.

Domain
www.protware.com
webmail.optimum.net
voice.optimum.net
www.facebook.com
twitter.com
instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
crazysocks.life cPanel, Inc. Certification Authority	`2021-09-05` - `2021-12-04`	3 months	crt.sh
glitch.com Amazon	`2021-01-18` - `2022-02-15`	a year	crt.sh
www.optimum.net DigiCert SHA2 Extended Validation Server CA	`2021-03-09` - `2022-04-09`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-23` - `2021-11-15`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://nigecd.glitch.me/
Frame ID: 22D7D2C8EE3B5725537B08DF81EA1A51
Requests: 16 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In to Manage Your Services | Optimum

Page URL History Show full URLs

http://ht.ly/Dicg50G6qtQ HTTP 301
https://crazysocks.life/ Page URL
https://nigecd.glitch.me/ Page URL

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

16
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

514 kB
Transfer

953 kB
Size

0
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.protware.com/
Title: www.ProtWare.com

Search URL Search Domain Scan URL

URL: https://webmail.optimum.net/wm3-beta
Title: View all

Search URL Search Domain Scan URL

URL: https://voice.optimum.net//Voicemail
Title: View all

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Optimum/

Search URL Search Domain Scan URL

URL: https://twitter.com/optimum/

Search URL Search Domain Scan URL

URL: https://instagram.com/optimum/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/Optimum

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://ht.ly/Dicg50G6qtQ HTTP 301
https://crazysocks.life/ Page URL
https://nigecd.glitch.me/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://ht.ly/Dicg50G6qtQ HTTP 301
https://crazysocks.life/

Request Chain 1

https://www.optimum.net/core-and-parts_page_1.css?202008131122 HTTP 302
https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Request Chain 2

https://www.optimum.net/core-and-parts_page_2.css?202008131122 HTTP 302
https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122

Request Chain 3

https://www.optimum.net/login/page.css?202008131122 HTTP 302
https://www.optimum.net/login/page-palette-1.css?202008131122

16 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
crazysocks.life/
Redirect Chain

http://ht.ly/Dicg50G6qtQ
https://crazysocks.life/

234 B
476 B

601ms
138ms

Document
text/html

162.241.175.67
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://crazysocks.life/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.241.175.67 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-241-175-67.unifiedlayer.com
Software: Apache /
Resource Hash

Request headers

Host: crazysocks.life
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Wed, 08 Sep 2021 17:34:37 GMT
Server: Apache
Last-Modified: Wed, 08 Sep 2021 15:55:57 GMT
Accept-Ranges: bytes
Content-Length: 234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

Redirect headers

Location: https://crazysocks.life/
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
X-Frame-Options: DENY
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: master-only
Date: Wed, 08 Sep 2021 17:34:36 GMT
Connection: close
Content-Length: 0
X-Pool: owly_web

GET
H2 200 Primary Request / Show response
nigecd.glitch.me/ 50 KB
50 KB 430ms
145ms Document
text/html 34.197.3.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nigecd.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.197.3.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-197-3-188.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: a0499611564d1fd46b4f198d9abda12f37b96c342d7222cdc8fa2a18b1e197f6

Request headers

:method: GET
:authority: nigecd.glitch.me
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
referer: https://crazysocks.life/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://crazysocks.life/

Response headers

date: Wed, 08 Sep 2021 17:34:38 GMT
content-type: text/html; charset=utf-8
content-length: 50744
x-amz-id-2: ZzfvbWc0jeX09ib0mMA4QcBmSil3UrlVuvPgN8yh3162F+htz2Dh7Hy1bhdxUVAH+GlJ72q6hi0=
x-amz-request-id: 6QB4T52XPRPNJ3Q6
last-modified: Wed, 08 Sep 2021 15:55:50 GMT
etag: "051b71e2bf296a69821395bc9be06b29"
cache-control: no-cache
x-amz-version-id: yMLx04DYp05DpDKWsdkDLPM7iZUxtRGT
accept-ranges: bytes
server: AmazonS3

GET
H/1.1

200
OK

core-and-parts-palette-1_page_1.css
www.optimum.net/
Redirect Chain

https://www.optimum.net/core-and-parts_page_1.css?202008131122
https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

324 KB
45 KB

96ms
96ms

Stylesheet
text/css

167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Requested by

Host: nigecd.glitch.me
URL: https://nigecd.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

8aa8118db32257ec8223b375a92fa659bc9272f2d685ea86460648d8164af1b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nigecd.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:56:56 GMT
ETag: "04c7d95bf7a946919643c854a35c665d9"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45973
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Location: /core-and-parts-palette-1_page_1.css?202008131122
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

core-and-parts-palette-1_page_2.css
www.optimum.net/
Redirect Chain

https://www.optimum.net/core-and-parts_page_2.css?202008131122
https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122

184 KB
24 KB

104ms
104ms

Stylesheet
text/css

167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122

Requested by

Host: nigecd.glitch.me
URL: https://nigecd.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

efc5160a5e7215e15598a2171a97d54e026099c0ead393514c7089e805f82dbe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nigecd.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:56:56 GMT
ETag: "0228e90034f97dc677b1d2153084fd7bc"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 24235
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Location: /core-and-parts-palette-1_page_2.css?202008131122
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H/1.1

200
OK

page-palette-1.css
www.optimum.net/login/
Redirect Chain

https://www.optimum.net/login/page.css?202008131122
https://www.optimum.net/login/page-palette-1.css?202008131122

9 KB
2 KB

103ms
103ms

Stylesheet
text/css

167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/login/page-palette-1.css?202008131122

Requested by

Host: nigecd.glitch.me
URL: https://nigecd.glitch.me/

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

01c7c30b4b5d6adb9b4ec031e417c63aba8485d17e3984f34469b9a45a446709

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nigecd.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:56:46 GMT
ETag: "01c0c892bc9de5dba892c4fb4a16cd45f"
Strict-Transport-Security: max-age=31536000
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1195
X-XSS-Protection: 1; mode=block

Redirect headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Location: /login/page-palette-1.css?202008131122
Cache-Control: no-cache
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 22 Sep 2021 00:00:00 -04:00

GET
H2 200 css
fonts.googleapis.com/ 366 B
781 B 149ms
55ms Stylesheet
text/css 2a00:1450:4007:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=ABeeZee

Requested by

Host: crazysocks.life
URL: https://crazysocks.life/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3969177281b39dacb532d29111fcf95ab01ea8ad24ef8961a0530a7404a35a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://nigecd.glitch.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 08 Sep 2021 16:31:25 GMT
server: ESF
date: Wed, 08 Sep 2021 17:34:39 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 08 Sep 2021 17:34:39 GMT

GET
H/1.1 200
OK logo_desktop.png
www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ 11 KB
12 KB 105ms
104ms Image
image/png 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/logo_desktop.png

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

f024a95148a1da10a251bd5c9d810fae48312219573b7b3a90de9dc7362f8418

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Jan 2020 18:37:30 GMT
ETag: "2c78-59b2c7c578756"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=21600, s-maxage=21600, public, max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 11384
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_message2.png
www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ 249 B
770 B 97ms
96ms Image
image/png 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/icon_message2.png

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

dda50837373135f2515c7ed1216d1cb8c79aa12786d8512e3400a9cd665e1d88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 May 2020 14:05:03 GMT
ETag: "f9-5a496aae93caa"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=21600, s-maxage=21600, public, max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 249
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_opthelp.png
www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ 441 B
963 B 114ms
113ms Image
image/png 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/icon_opthelp.png

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

6d57340d92cb2e9557a1cc3ac96c86ca86b0c8323c851a55573a3a2488ef84ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 01 May 2020 14:05:09 GMT
ETag: "1b9-5a496ab516400"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=21600, s-maxage=21600, public, max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 441
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK icon_optstore.png
www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ 405 B
927 B 193ms
96ms Image
image/png 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/icon_optstore.png

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

24b1b0fc642753fc6e693eae5cde6fd56366fad297e2915b3e9f63774f3aa1fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 May 2020 08:28:17 GMT
ETag: "195-5a4e26debee1f"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=21600, s-maxage=21600, public, max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 405
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK sprite_icons_altice.png
www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ 146 KB
147 KB 208ms
102ms Image
image/png 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/sprite_icons_altice.png

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

0fde4c9c87c9e7b45f2edee970396be68320f3762a1a7998aff4b7f7517fcfe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:39 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Jul 2019 04:16:40 GMT
ETag: "248f1-58dece066cbc2"
Strict-Transport-Security: max-age=31536000
Content-Type: image/png
Cache-Control: max-age=21600, s-maxage=21600, public, max-age=21600
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 149745
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Regular-Regular.woff
www.optimum.net/assets/fonts/regular/ 61 KB
62 KB 375ms
98ms Font
font/woff 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/assets/fonts/regular/Regular-Regular.woff

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

5b85f5f5732534318102cd1b76600be50148a28b8ddf10bc845c43702f2a5fa5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
Origin: https://nigecd.glitch.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:55:15 GMT
ETag: "0b93ac8c84ffd39feff0f73e031ea7263"
Strict-Transport-Security: max-age=31536000
Content-Type: font/woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62649
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK Regular-Bold.woff
www.optimum.net/assets/fonts/regular/ 61 KB
62 KB 391ms
100ms Font
font/woff 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/assets/fonts/regular/Regular-Bold.woff

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

6956ea2e1d93df622505b666c2987433a0f5546e4037f0a185c133b20a9a783b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122
Origin: https://nigecd.glitch.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:55:15 GMT
ETag: "0467d177910ed28d5c8fc03d88b6020b3"
Strict-Transport-Security: max-age=31536000
Content-Type: font/woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 62661
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK fontawesome-webfont.woff
www.optimum.net/assets/fonts/fontawesome/ 29 KB
29 KB 396ms
103ms Font
font/woff 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/assets/fonts/fontawesome/fontawesome-webfont.woff?v=3.0.1

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

a6fb906942932de53852ee244ee3fec27bca0bf63a96421672aa4784851b8d4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
Origin: https://nigecd.glitch.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:55:15 GMT
ETag: "021f212f94a9db6a0e3847c921842aa19"
Strict-Transport-Security: max-age=31536000
Content-Type: font/woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 29380
X-XSS-Protection: 1; mode=block

GET
H2 200 esDR31xSG-6AGleN2tWkkA.woff2
fonts.gstatic.com/s/abeezee/v14/ 17 KB
17 KB 149ms
33ms Font
font/woff2 2a00:1450:4007:819::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/abeezee/v14/esDR31xSG-6AGleN2tWkkA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=ABeeZee

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4007:819::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d15d9db6134e6afc9a6105ba23acd46e9168d8c84e95c2381920edc3e0687b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://nigecd.glitch.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Fri, 03 Sep 2021 19:56:28 GMT
x-content-type-options: nosniff
last-modified: Tue, 01 Sep 2020 05:46:40 GMT
server: sffe
age: 423491
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17048
x-xss-protection: 0
expires: Sat, 03 Sep 2022 19:56:28 GMT

GET
H/1.1 200
OK Regular-Medium.woff
www.optimum.net/assets/fonts/regular/ 60 KB
61 KB 407ms
106ms Font
font/woff 167.206.237.230
CABLE-NET-1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.optimum.net/assets/fonts/regular/Regular-Medium.woff

Requested by

Host: www.optimum.net
URL: https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_256_CBC

Server

167.206.237.230 , United States, ASN6128 (CABLE-NET-1, US),

Reverse DNS

optimum.net

Software

Resource Hash

878a83f4ffa56c09d18f71c29755fdd6f93c2e9702845ec7c83c1da4754d2650

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122
Origin: https://nigecd.glitch.me
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 08 Sep 2021 17:34:40 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 25 Aug 2021 14:55:15 GMT
ETag: "04af555f6d24ac7c63f9b26a52373d6d1"
Strict-Transport-Security: max-age=31536000
Content-Type: font/woff
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 61533
X-XSS-Protection: 1; mode=block

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Optimum (Telecommunication)

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

crazysocks.life
fonts.googleapis.com
fonts.gstatic.com
ht.ly
nigecd.glitch.me
www.optimum.net
162.241.175.67
167.206.237.230
2a00:1450:4007:80c::200a
2a00:1450:4007:819::2003
34.197.3.188
54.67.57.56
01c7c30b4b5d6adb9b4ec031e417c63aba8485d17e3984f34469b9a45a446709
0fde4c9c87c9e7b45f2edee970396be68320f3762a1a7998aff4b7f7517fcfe4
24b1b0fc642753fc6e693eae5cde6fd56366fad297e2915b3e9f63774f3aa1fb
3969177281b39dacb532d29111fcf95ab01ea8ad24ef8961a0530a7404a35a84
5b85f5f5732534318102cd1b76600be50148a28b8ddf10bc845c43702f2a5fa5
5d15d9db6134e6afc9a6105ba23acd46e9168d8c84e95c2381920edc3e0687b1
6956ea2e1d93df622505b666c2987433a0f5546e4037f0a185c133b20a9a783b
6d57340d92cb2e9557a1cc3ac96c86ca86b0c8323c851a55573a3a2488ef84ff
878a83f4ffa56c09d18f71c29755fdd6f93c2e9702845ec7c83c1da4754d2650
8aa8118db32257ec8223b375a92fa659bc9272f2d685ea86460648d8164af1b7
a0499611564d1fd46b4f198d9abda12f37b96c342d7222cdc8fa2a18b1e197f6
a6fb906942932de53852ee244ee3fec27bca0bf63a96421672aa4784851b8d4b
dda50837373135f2515c7ed1216d1cb8c79aa12786d8512e3400a9cd665e1d88
efc5160a5e7215e15598a2171a97d54e026099c0ead393514c7089e805f82dbe
f024a95148a1da10a251bd5c9d810fae48312219573b7b3a90de9dc7362f8418

nigecd.glitch.me Open in urlscan Pro 34.197.3.188 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

16 Requests

100 %HTTPS

33 %IPv6

6 Domains

6 Subdomains

5 IPs

2 Countries

514 kBTransfer

953 kBSize

0 Cookies

7 Outgoing links

Page URL History

Redirected requests

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

83 JavaScript Global Variables

0 Cookies

Indicators

nigecd.glitch.me Open in urlscan Pro
34.197.3.188 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

16
Requests

100 %
HTTPS

33 %
IPv6

6
Domains

6
Subdomains

5
IPs

2
Countries

514 kB
Transfer

953 kB
Size

0
Cookies

16 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!