Report Overview
Visitedpublic
2023-11-22 03:00:49
Submit Tags
URL
splendid-awake-bun.glitch.me/public/vghshja.HTM
Finishing URL
splendid-awake-bun.glitch.me/public/vghshja.HTM
IP / ASN
44.217.233.228
Title
Navy Federal Credit Union - Our Members are the Mission®
Phishing - Navy Federal Credit Union
Suspicious - Suspicious Javascript code
Detections
urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
0
Host Summary
| Host | Rank | Registered | First Seen | Last Seen | Sent | Received | IP | Fingerprints |
|---|---|---|---|---|---|---|---|---|
splendid-awake-bun.glitch.me 2 alert(s) on this Domain | unknown | unknown | No data | No data | 503 B | 2.9 MB | 34.225.219.45 | |
i.ibb.co | 13485 | 2010-07-20 | 2018-11-25 11:13:48 | 2023-11-21 06:20:23 | 442 B | 3.6 kB |  162.19.58.161 | |
l2.io | 163527 | 2012-05-12 | 2015-06-25 03:31:26 | 2023-11-20 04:35:50 | 411 B | 226 B | 195.80.159.133 |
Related reports
Network Intrusion Detection Systems
Suricata /w Emerging Threats Pro
| Timestamp | Severity | Source IP | Destination IP | Alert |
|---|---|---|---|---|
| medium | Client IP | Internal IP | ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing | |
| medium | Client IP | Internal IP | ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing | |
| medium | Client IP | Internal IP | ET HUNTING Suspicious Glitch Hosted DNS Request - Possible Phishing Landing | |
| medium | Client IP | 34.225.219.45 | ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing | |
| medium | Client IP | Internal IP | ET POLICY Observed IP Lookup Domain (l2 .io in DNS Lookup) | |
| medium | Client IP | Internal IP | ET POLICY Observed IP Lookup Domain (l2 .io in DNS Lookup) | |
| medium | Client IP | 195.80.159.133 | ET POLICY Observed IP Lookup Domain (l2 .io in TLS SNI) | |
| medium | Client IP | 195.80.159.133 | ET POLICY Observed IP Lookup Domain (l2 .io in TLS SNI) |
Threat Detection Systems
Public InfoSec YARA rules
No alerts detected
OpenPhish
| Scan Date | Severity | Indicator | Alert |
|---|---|---|---|
| 2023-11-21 | medium | splendid-awake-bun.glitch.me/public/vghshja.HTM | Navy Federal Credit Union |
PhishTank
No alerts detected
mnemonic secure dns
No alerts detected
Quad9 DNS
No alerts detected
ThreatFox
No alerts detected
JavaScript (14)
| HASH | FROM | Size | First Seen | Last Seen | |
|---|---|---|---|---|---|
| b24e3b4ad9d5bace5317ed7eda88f960 | DocumentWrite | 953 kB | 2023-03-08 | 2025-06-01 | |
Introduced by DocumentWrite First Seen 2023-03-08 Last Seen 2025-06-01 Times Seen 18 Size 953 kB (952745 bytes) MD5 b24e3b4ad9d5bace5317ed7eda88f960 SHA1 937c965a966068bbb2d8bbd8900329757fbe44dd Loading... | |||||
HTTP Transactions (3)
| URL | IP | Response | Size |
|---|