Report - certain-cord-pilot.glitch.me/

Report Overview

Visited public
2025-04-03 12:07:49
Tags
suspicious
URL
certain-cord-pilot.glitch.me/
Finishing URL
certain-cord-pilot.glitch.me/
IP / ASN
151.101.2.59
#54113 FASTLY
Title
Notaire - Partage de document.
Suspicious - Suspicious Javascript code

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdn.tailwindcss.com	422202	2017-07-20	2018-07-09	2025-03-28	824 B	815 kB	104.22.21.144
certain-cord-pilot.glitch.me	unknown	2008-07-18	2025-03-31	2025-03-31	936 B	94 kB	151.101.194.59

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-04-03 12:07:27	medium	Client IP	151.101.194.59	ET HUNTING Suspicious Glitch Hosted TLS SNI Request - Possible Phishing Landing
2025-04-03 12:07:27	low	Client IP	151.101.194.59	ET INFO Observed Online Application Hosting Domain (glitch .me in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

Scan Date	Severity	Indicator	Alert
2025-03-30	medium	certain-cord-pilot.glitch.me/favicon.ico	Other
2025-03-30	medium	certain-cord-pilot.glitch.me/	Other

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-04-03	medium	certain-cord-pilot.glitch.me	Sinkholed
2025-04-03	medium	certain-cord-pilot.glitch.me	Sinkholed

ThreatFox

No alerts detected

Telegram Bot detected

URL
certain-cord-pilot.glitch.me/
IP / ASN
151.101.194.59
#54113 FASTLY

Token
7057237233:AAEtpSkRT0sxx6KNnykUDSO9cGu4pJs0JnA

Bot Overview
User ID 7057237233
Username Charicop_bot
First Name Charicop
Last Name
Chat Information
Chat ID 7464989110
Chat Type private
Title
User Count 2
Admins 0
Pending Messages 0

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	certain-cord-pilot.glitch.me/	ScriptElement	105 B	2024-04-26	2025-05-07
Pretty URL certain-cord-pilot.glitch.me/ IP 151.101.194.59 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:37 Last Seen2025-05-07 11:23 Times Seen49 Hash bf28a1002dfe7999f1e7b8666a49ba4e c9730d9a4cd76ba12b1f96d416bb487037d13e2d 5d3d2ea414af8ce78e9b527c7d1e01556bb199778e15d696a62c8aa3c46ea4a7 Loading...

	certain-cord-pilot.glitch.me/	ScriptElement	105 B	2024-04-26	2025-05-07
Pretty URL certain-cord-pilot.glitch.me/ IP 151.101.194.59 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 01:37 Last Seen2025-05-07 11:23 Times Seen49 Hash bf28a1002dfe7999f1e7b8666a49ba4e c9730d9a4cd76ba12b1f96d416bb487037d13e2d 5d3d2ea414af8ce78e9b527c7d1e01556bb199778e15d696a62c8aa3c46ea4a7 Loading...

	cdn.tailwindcss.com/	ScriptElement	407 kB	2024-12-07	2025-05-08
Pretty URL cdn.tailwindcss.com/ IP 104.22.21.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 03:18 Last Seen2025-05-08 21:35 Times Seen1688 Hash 2697bf25afb0982dfa17c73536f934c1 7d7db122d0639cd1f1a53eb6018d6d713d312679 fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea Loading...

	certain-cord-pilot.glitch.me/	ScriptElement	4.2 kB	2025-03-31	2025-05-06
Pretty URL certain-cord-pilot.glitch.me/ IP 151.101.194.59 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-31 13:38 Last Seen2025-05-06 10:54 Times Seen6 Hash 98b5c2454c9107bd8286e38d69708d7c 156d3e892874f70209248a483af6d17f1ec5fe29 d4704f8a2ccc26ab721e7b6b1551327d299aff1d754d1ec064a9fdd3e52ea16f Loading...

HTTP Transactions (4)

URL IP Response Size

cdn.tailwindcss.com/

104.22.21.144

302 Found

407 kB

URL GET
cdn.tailwindcss.com/
IP
104.22.21.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://certain-cord-pilot.glitch.me/
Certificate
IssuerGoogle Trust Services
Subjecttailwindcss.com
Fingerprint9B:3A:86:B2:34:9A:76:BF:85:6D:3A:86:E6:A9:39:2E:80:33:60:CF
ValidityTue, 01 Apr 2025 02:17:40 GMT - Mon, 30 Jun 2025 03:17:37 GMT

File type

Size
407 kB (407279 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certain-cord-pilot.glitch.me/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Thu, 03 Apr 2025 12:07:28 GMT
cache-control: max-age=14400
location: /3.4.16
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::xldx8-1743681330125-5e8ff4f9363d
cf-cache-status: HIT
age: 246
vary: Accept-Encoding
server: cloudflare
cf-ray: 92a87222aa7bb515-OSL
X-Firefox-Spdy: h2

cdn.tailwindcss.com/3.4.16

104.22.21.144

200 OK

407 kB

URL GET
cdn.tailwindcss.com/3.4.16
IP
104.22.21.144:443
ASN
#13335 CLOUDFLARENET

Requested by
https://certain-cord-pilot.glitch.me/
Certificate
IssuerGoogle Trust Services
Subjecttailwindcss.com
Fingerprint9B:3A:86:B2:34:9A:76:BF:85:6D:3A:86:E6:A9:39:2E:80:33:60:CF
ValidityTue, 01 Apr 2025 02:17:40 GMT - Mon, 30 Jun 2025 03:17:37 GMT

File type
JavaScript source, ASCII text, with very long lines (52853)
Size
407 kB (407279 bytes)
Hash
2697bf25afb0982dfa17c73536f934c1
7d7db122d0639cd1f1a53eb6018d6d713d312679
fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea

HTTP Headers

GET /3.4.16 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://certain-cord-pilot.glitch.me/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 03 Apr 2025 12:07:28 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::xkkn6-1742830770740-5a5b33921fee
last-modified: Mon, 24 Mar 2025 15:39:31 GMT
cf-cache-status: HIT
age: 851276
vary: Accept-Encoding
server: cloudflare
cf-ray: 92a87222dadfb515-OSL
X-Firefox-Spdy: h2

certain-cord-pilot.glitch.me/favicon.ico

151.101.194.59

404 Not Found

3.7 kB

URL GET
certain-cord-pilot.glitch.me/favicon.ico
IP
151.101.194.59:443
ASN
#54113 FASTLY

Requested by
https://certain-cord-pilot.glitch.me/
Certificate
IssuerCertainly
Subject*.glitch.me
Fingerprint97:AE:38:66:3D:A4:DF:39:E3:02:0E:99:02:5B:C4:DD:7A:E0:6D:60
ValiditySat, 22 Mar 2025 21:21:47 GMT - Mon, 21 Apr 2025 21:21:46 GMT

File type
HTML document, ASCII text, with very long lines (3860), with no line terminators
Size
3.7 kB (3674 bytes)
Hash
8278f4a50baab9058328953010197d7a
9544556ac5ec4d08e25f399ccebc12699a0ecc28
5c78d9c99aced916130e4a9b5987a69236186cec610894cc070bd98b4467ae1e

Detections

Analyzer	Verdict	Alert
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: certain-cord-pilot.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://certain-cord-pilot.glitch.me/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
cache-control: max-age=0
accept-ranges: bytes
date: Thu, 03 Apr 2025 12:07:29 GMT
via: 1.1 varnish
x-served-by: cache-hel1410022-HEL, cache-hel1410022-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1743682049.444140,VS0,VE167
content-length: 3674
X-Firefox-Spdy: h2

certain-cord-pilot.glitch.me/

151.101.194.59

200 OK

89 kB

URL User Request GET
certain-cord-pilot.glitch.me/
IP
151.101.194.59:443
ASN
#54113 FASTLY

Certificate
IssuerCertainly
Subject*.glitch.me
Fingerprint97:AE:38:66:3D:A4:DF:39:E3:02:0E:99:02:5B:C4:DD:7A:E0:6D:60
ValiditySat, 22 Mar 2025 21:21:47 GMT - Mon, 21 Apr 2025 21:21:46 GMT

File type

Size
89 kB (89391 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
PhishTank	phishing	Other
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: certain-cord-pilot.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-server-side-encryption: AES256
etag: "dd2f238f45ccf2acac67251710ade762"
cache-control: no-cache
server: AmazonS3
last-modified: Mon, 31 Mar 2025 23:17:09 GMT
x-amz-id-2: 1YFcmnyPyOGVDHaeqxmM8nJjT6VcS9qq5A+wx0RPZi9kpYkJXNg4svxSGNLQpdYp5vULKfhcq0o=
x-amz-request-id: Q1WQ85ZJ28SC8VYF
content-type: text/html; charset=utf-8
x-amz-version-id: lmA.Krc0gM_QnhdQqx3U7hGrjVCmtFQa
accept-ranges: bytes
date: Thu, 03 Apr 2025 12:07:28 GMT
via: 1.1 varnish
x-served-by: cache-hel1410022-HEL, cache-hel1410022-HEL
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-timer: S1743682048.721751,VS0,VE366
content-length: 89391
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

Telegram Bot detected

Token

Bot Overview

Chat Information

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (4)

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash