tranquil-wetransfer-po.glitch.me
Open in
urlscan Pro
18.211.208.99
Malicious Activity!
Public Scan
Submission: On July 13 via automatic, source phishtank — Scanned from US
Summary
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.
This is the only time tranquil-wetransfer-po.glitch.me was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: WeTransfer (Online)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
18 | 18.211.208.99 18.211.208.99 | 14618 (AMAZON-AES) (AMAZON-AES) | |
3 3 | 2606:4700:10:... 2606:4700:10::ac43:8ee | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 151.101.194.132 151.101.194.132 | 54113 (FASTLY) (FASTLY) | |
21 | 3 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-208-99.compute-1.amazonaws.com
tranquil-wetransfer-po.glitch.me | |
grizzly-elfin-hotel.glitch.me |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
glitch.me
tranquil-wetransfer-po.glitch.me grizzly-elfin-hotel.glitch.me |
697 KB |
3 |
cutt.ly
3 redirects
cutt.ly — Cisco Umbrella Rank: 50466 |
658 B |
2 |
glitch.global
cdn.glitch.global — Cisco Umbrella Rank: 435075 |
|
0 |
Failed
function sub() { [native code] }. Failed |
|
21 | 4 |
Domain | Requested by | |
---|---|---|
15 | tranquil-wetransfer-po.glitch.me |
tranquil-wetransfer-po.glitch.me
|
3 | grizzly-elfin-hotel.glitch.me |
tranquil-wetransfer-po.glitch.me
|
3 | cutt.ly | 3 redirects |
2 | cdn.glitch.global |
tranquil-wetransfer-po.glitch.me
|
0 | invalid Failed |
tranquil-wetransfer-po.glitch.me
|
21 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
glitch.com Amazon RSA 2048 M03 |
2023-12-04 - 2025-01-01 |
a year | crt.sh |
cdn.glitch.global R3 |
2024-05-30 - 2024-08-28 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://tranquil-wetransfer-po.glitch.me/index2.html
Frame ID: 254D81B59B933DCD6757BCA358B6D5F8
Requests: 8 HTTP requests in this frame
Frame:
https://tranquil-wetransfer-po.glitch.me/1.html
Frame ID: FE9E35D3638D30B63B332940E149B7CE
Requests: 14 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 5- https://cutt.ly/CearQTuV HTTP 301
- https://grizzly-elfin-hotel.glitch.me/uiglhijll.css
- https://cutt.ly/OearJLSg HTTP 301
- https://grizzly-elfin-hotel.glitch.me/2.js
- https://cutt.ly/OearJLSg HTTP 301
- https://grizzly-elfin-hotel.glitch.me/2.js
21 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
index2.html
tranquil-wetransfer-po.glitch.me/ |
123 KB 123 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.js
tranquil-wetransfer-po.glitch.me/ |
87 KB 88 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js.download
tranquil-wetransfer-po.glitch.me/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bWqOLA69nu2fsMi45LjA.js.download
tranquil-wetransfer-po.glitch.me/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js.download
tranquil-wetransfer-po.glitch.me/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
invalid/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
uiglhijll.css
grizzly-elfin-hotel.glitch.me/ Redirect Chain
|
391 KB 392 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.js
grizzly-elfin-hotel.glitch.me/ Redirect Chain
|
76 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.html
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
13 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1.js
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
87 KB 277 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wallpaper-toolbox-2.css
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.js
grizzly-elfin-hotel.glitch.me/ Frame FE9E Redirect Chain
|
76 KB 301 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dom4.js
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
anime.js
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wallpaper-api-2.js
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wallpaper-toolbox-2.js
tranquil-wetransfer-po.glitch.me/ Frame FE9E |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ Frame FE9E |
4 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
next-button.png
tranquil-wetransfer-po.glitch.me/assets/images/ Frame FE9E |
4 KB 4 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DINNextW1G-Bold.woff
tranquil-wetransfer-po.glitch.me/assets/fonts/ Frame FE9E |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
DINNextW1G-Regular.woff
tranquil-wetransfer-po.glitch.me/assets/fonts/ Frame FE9E |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-04.mp4
cdn.glitch.global/9ed4c623-bd1b-4310-adb3-cf24b8807ba1/ Frame FE9E |
1 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video-04.mp4
cdn.glitch.global/9ed4c623-bd1b-4310-adb3-cf24b8807ba1/ Frame FE9E |
506 KB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- invalid
- URL
- chrome-extension://invalid/
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: WeTransfer (Online)25 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| mail function| jQuery string| ajaxurl string| image_save_msg string| no_menu_msg string| smessage function| disableEnterKey function| wccp_free_iscontenteditable function| disable_copy function| disable_copy_ie function| reEnable function| disableSelection function| onlongtouch number| touchduration function| touchstart function| touchend function| wccp_pro_is_passive function| nocontext function| show_wpcp_message function| hide_message object| maxwellScreenReaderText object| lazySizes object| addComment object| wp0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
13 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.glitch.global
cutt.ly
grizzly-elfin-hotel.glitch.me
invalid
tranquil-wetransfer-po.glitch.me
invalid
151.101.194.132
18.211.208.99
2606:4700:10::ac43:8ee
2784f6ffefbd5fcae302d112e1629907deed1e36f9c2050ea6d7038eec3f649c
4243ca5d8d034507e2cebd97c6575644739250a99e1f067a42ea2629000638c5
46ca780db78a93144252c2865d0a184d51610ce5e97d97fd5f7a5add20e83cd9
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
7650cccb518dc3993c51d7a477c1676cf331e22856d2a5456178e5dc96f0ac39
7a32a6e4c5e81f0d51cb97466aa442a2342f5ab5c62ff62c3094296fabdda734
cb03f92c07b692ce08005daa5f69a374b6bc2f65e0f5bde64aa1e18499b6e8f9