nigecd.glitch.me
34.197.3.188
Malicious Activity!
Public Scan
Effective URL: https://nigecd.glitch.me/
Submission: On September 08 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by Amazon on January 18th 2021. Valid for: a year.
This is the only time nigecd.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Optimum (Telecommunication)
Domain & IP information
Requests | IP Address | Autonomous System
---|---|---
1 (1 redirect) | 54.67.57.56 | 16509 (AMAZON-02)
1 | 162.241.175.67 | 46606 (UNIFIEDLAYER-AS-1)
1 | 34.197.3.188 | 14618 (AMAZON-AES)
15 (3 redirects) | 167.206.237.230 | 6128 (CABLE-NET-1)
1 | 2a00:1450:4007:80c::200a | 15169 (GOOGLE)
1 | 2a00:1450:4007:819::2003 | 15169 (GOOGLE)
16 | 5 |

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-241-175-67.unifiedlayer.com
crazysocks.life
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-3-188.compute-1.amazonaws.com
nigecd.glitch.me
Requests | Apex Domain / Subdomains | Transfer
---|---|---
15 | optimum.net (3 redirects) / www.optimum.net | 447 KB
1 | gstatic.com / fonts.gstatic.com | 17 KB
1 | googleapis.com / fonts.googleapis.com | 781 B
1 | glitch.me / nigecd.glitch.me | 50 KB
1 | crazysocks.life / crazysocks.life | 476 B
1 | ht.ly (1 redirects) / ht.ly | 376 B
16 | 6 |
Requests | Domain | Requested by
---|---|---
15 | www.optimum.net (3 redirects) | nigecd.glitch.me, www.optimum.net
1 | fonts.gstatic.com | fonts.googleapis.com
1 | fonts.googleapis.com | crazysocks.life
1 | nigecd.glitch.me |
1 | crazysocks.life |
1 | ht.ly (1 redirects) |
16 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.protware.com |
webmail.optimum.net |
voice.optimum.net |
www.facebook.com |
twitter.com |
instagram.com |
www.youtube.com |
Subject | Issuer | Validity | Valid
---|---|---|---
crazysocks.life | cPanel, Inc. Certification Authority | 2021-09-05 - 2021-12-04 | 3 months
glitch.com | Amazon | 2021-01-18 - 2022-02-15 | a year
www.optimum.net | DigiCert SHA2 Extended Validation Server CA | 2021-03-09 - 2022-04-09 | a year
upload.video.google.com | GTS CA 1O1 | 2021-08-16 - 2021-11-08 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-08-23 - 2021-11-15 | 3 months
This page contains 1 frames:
Primary Page:
https://nigecd.glitch.me/
Frame ID: 22D7D2C8EE3B5725537B08DF81EA1A51
Requests: 16 HTTP requests in this frame
Page Title
Sign In to Manage Your Services | Optimum
Page URL History
- http://ht.ly/Dicg50G6qtQ HTTP 301
  https://crazysocks.life/ Page URL
- https://nigecd.glitch.me/ Page URL
Detected technologies
Font Awesome (Font Scripts)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Title: www.ProtWare.com
Title: View all
Title: View all
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0
- http://ht.ly/Dicg50G6qtQ HTTP 301
- https://crazysocks.life/
- https://www.optimum.net/core-and-parts_page_1.css?202008131122 HTTP 302
- https://www.optimum.net/core-and-parts-palette-1_page_1.css?202008131122
- https://www.optimum.net/core-and-parts_page_2.css?202008131122 HTTP 302
- https://www.optimum.net/core-and-parts-palette-1_page_2.css?202008131122
- https://www.optimum.net/login/page.css?202008131122 HTTP 302
- https://www.optimum.net/login/page-palette-1.css?202008131122
16 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type
---|---|---|---|---|---|---
GET H/1.1 | / | crazysocks.life/ (Redirect Chain) | 234 B | 476 B | Document | text/html
GET H2 | / (Primary Request) | nigecd.glitch.me/ | 50 KB | 50 KB | Document | text/html
GET H/1.1 | core-and-parts-palette-1_page_1.css | www.optimum.net/ (Redirect Chain) | 324 KB | 45 KB | Stylesheet | text/css
GET H/1.1 | core-and-parts-palette-1_page_2.css | www.optimum.net/ (Redirect Chain) | 184 KB | 24 KB | Stylesheet | text/css
GET H/1.1 | page-palette-1.css | www.optimum.net/login/ (Redirect Chain) | 9 KB | 2 KB | Stylesheet | text/css
GET H2 | css | fonts.googleapis.com/ | 366 B | 781 B | Stylesheet | text/css
GET H/1.1 | logo_desktop.png | www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ | 11 KB | 12 KB | Image | image/png
GET H/1.1 | icon_message2.png | www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ | 249 B | 770 B | Image | image/png
GET H/1.1 | icon_opthelp.png | www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ | 441 B | 963 B | Image | image/png
GET H/1.1 | icon_optstore.png | www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ | 405 B | 927 B | Image | image/png
GET H/1.1 | sprite_icons_altice.png | www.optimum.net/cdn/static.tvlistings.optimum.net/ool/static/prod/images/ | 146 KB | 147 KB | Image | image/png
GET H/1.1 | Regular-Regular.woff | www.optimum.net/assets/fonts/regular/ | 61 KB | 62 KB | Font | font/woff
GET H/1.1 | Regular-Bold.woff | www.optimum.net/assets/fonts/regular/ | 61 KB | 62 KB | Font | font/woff
GET H/1.1 | fontawesome-webfont.woff | www.optimum.net/assets/fonts/fontawesome/ | 29 KB | 29 KB | Font | font/woff
GET H2 | esDR31xSG-6AGleN2tWkkA.woff2 | fonts.gstatic.com/s/abeezee/v14/ | 17 KB | 17 KB | Font | font/woff2
GET H/1.1 | Regular-Medium.woff | www.optimum.net/assets/fonts/regular/ | 60 KB | 61 KB | Font | font/woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Optimum (Telecommunication)
83 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.