bronze-violet-apogee.glitch.me

Summary

This website contacted 4 IPs in 1 countries across 4 domains to perform 5 HTTP transactions. The main IP is 34.230.219.115, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is bronze-violet-apogee.glitch.me.

This is the only time bronze-violet-apogee.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	34.230.219.115 34.230.219.115	14618 (AMAZON-AES) (AMAZON-AES)
1 3	159.65.254.238 159.65.254.238	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	4

1 34.230.219.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-219-115.compute-1.amazonaws.com

bronze-violet-apogee.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.65.254.238 (Clifton, United States) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

7yts.in	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
3	7yts.in 1 redirects 7yts.in	77 KB
1	amung.us whos.amung.us — Cisco Umbrella Rank: 15945	26 B
1	glitch.me bronze-violet-apogee.glitch.me	604 B
0	geojs.io Failed get.geojs.io Failed
5	4

	Domain	Requested by
3	7yts.in	1 redirects bronze-violet-apogee.glitch.me
1	whos.amung.us
1	bronze-violet-apogee.glitch.me
0	get.geojs.io Failed	bronze-violet-apogee.glitch.me
5	4

This site contains no links.

Subject Issuer	Validity	Valid
7yts.in R3	`2023-03-13` - `2023-06-11`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://bronze-violet-apogee.glitch.me/
Frame ID: CCB695B07CB0EACA9B1425DD4D09A373
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log into Facebook | Facebook

Page Statistics

5
Requests

20 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

78 kB
Transfer

771 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://7yts.in/location HTTP 301
https://7yts.in/location/

5 HTTP transactions
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response bronze-violet-apogee.glitch.me/	95 B 604 B	341ms 209ms	Document text/html	34.230.219.115 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://bronze-violet-apogee.glitch.me/ Protocol HTTP/1.1 Server 34.230.219.115 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-34-230-219-115.compute-1.amazonaws.com Software AmazonS3 / Resource Hash `60e7c0c329b9c6989cc3a4994ec996cd6b57237d2131d4c9ccd89c45e7d3dc01` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 95 Content-Type text/html; charset=utf-8 Date Mon, 20 Mar 2023 04:31:30 GMT accept-ranges bytes cache-control no-cache etag "43c97ab6820592be2c67bbaec3bb64c7" last-modified Sun, 19 Mar 2023 19:45:59 GMT server AmazonS3 x-amz-id-2 K1nrJCu0GjWawl90yOyJl3btgBYODBe+3AsOGUmN8zesR31k72oOEiDZ4uGI4ZmQD2kcvMe5ViU= x-amz-request-id H1S922NZR5WMCNZV x-amz-server-side-encryption AES256 x-amz-version-id g8OdYMNfOfgmy.uEYCK.G6cvgDlrvFfv
GET H/1.1	200 OK	/ Show response 7yts.in/	717 KB 76 KB	474ms 227ms	Script application/javascript	159.65.254.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://7yts.in/?api=1&lan=new&ht=2 Requested by Host: bronze-violet-apogee.glitch.me URL: http://bronze-violet-apogee.glitch.me/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 159.65.254.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PHP/8.0.28, PleskLin Resource Hash `b34ba689430bfa641e9f62c359b27012c5259b8b91dd6756c336542d79fe21aa` Request headers accept-language de-DE,de;q=0.9 Referer http://bronze-violet-apogee.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Pragma no-cache Date Mon, 20 Mar 2023 04:31:30 GMT Content-Encoding br Server nginx X-Powered-By PHP/8.0.28, PleskLin Transfer-Encoding chunked Content-Type application/javascript Cache-Control no-store, no-cache, must-revalidate Connection keep-alive Expires Thu, 19 Nov 1981 08:52:00 GMT
GET H/1.1	200 OK	/ Show response 7yts.in/location/ Redirect Chain https://7yts.in/location https://7yts.in/location/	1 KB 641 B	110ms 110ms	Script application/javascript	159.65.254.238 DIGITALOCEAN-ASN
General Check archive.org Show headers Download Go to Full URL https://7yts.in/location/ Protocol HTTP/1.1 Server 159.65.254.238 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US), Reverse DNS Software nginx / PHP/8.0.28, PleskLin Resource Hash `ce0b3cc4048b5dd27f352533ac47cbdef8f4bb9a5170a7fa6d2a917428946599` Request headers accept-language de-DE,de;q=0.9 Referer http://bronze-violet-apogee.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Mon, 20 Mar 2023 04:31:31 GMT Content-Encoding br Server nginx Connection keep-alive X-Powered-By PHP/8.0.28, PleskLin Transfer-Encoding chunked Content-Type application/javascript Redirect headers Location https://7yts.in/location/ Date Mon, 20 Mar 2023 04:31:31 GMT Server nginx Connection keep-alive X-Powered-By PleskLin Content-Length 233 Content-Type text/html; charset=iso-8859-1
GET		geo.json get.geojs.io/v1/ip/	0 0

GET DATA	200 OK	truncated /	1 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b` Request headers accept-language de-DE,de;q=0.9 Referer http://bronze-violet-apogee.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	/ whos.amung.us/pingjs/	26 B 26 B	145ms 132ms	Image text/javascript	2606:4700:10::ac43:88d CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL http://whos.amung.us/pingjs/?k=polo5151&t=san2val&x=https://www.google.com/ Protocol HTTP/1.1 Server 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language de-DE,de;q=0.9 Referer http://bronze-violet-apogee.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Date Mon, 20 Mar 2023 04:31:31 GMT content-encoding gzip CF-Cache-Status DYNAMIC Server cloudflare Transfer-Encoding chunked Content-Type text/javascript;charset=UTF-8 Connection keep-alive CF-RAY 7aab39dadc7d365d-FRA
GET DATA	200 OK	truncated /	51 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f` Request headers accept-language de-DE,de;q=0.9 Referer http://bronze-violet-apogee.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/png

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: get.geojs.io
URL: http://get.geojs.io/v1/ip/geo.json

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	error	URL: http://bronze-violet-apogee.glitch.me/#0.6542963746806378 Message: Access to XMLHttpRequest at 'http://get.geojs.io/v1/ip/geo.json' from origin 'http://bronze-violet-apogee.glitch.me' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: http://get.geojs.io/v1/ip/geo.json Message: Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7yts.in
bronze-violet-apogee.glitch.me
get.geojs.io
whos.amung.us
get.geojs.io
159.65.254.238
2606:4700:10::ac43:88d
34.230.219.115
1230532f79456753fb73f559ece9b95c17cfb36325dc313a3eda5ac22dfd9a2b
60e7c0c329b9c6989cc3a4994ec996cd6b57237d2131d4c9ccd89c45e7d3dc01
7281941fed81ed9caf5728727e05da4a94b442c36796e1a5b1d6106f242ed11f
b34ba689430bfa641e9f62c359b27012c5259b8b91dd6756c336542d79fe21aa
ce0b3cc4048b5dd27f352533ac47cbdef8f4bb9a5170a7fa6d2a917428946599
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

bronze-violet-apogee.glitch.me Open in urlscan Pro 34.230.219.115 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

20 %HTTPS

33 %IPv6

4 Domains

4 Subdomains

4 IPs

1 Countries

78 kBTransfer

771 kBSize

0 Cookies

0 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

15 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

bronze-violet-apogee.glitch.me Open in urlscan Pro
34.230.219.115 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

20 %
HTTPS

33 %
IPv6

4
Domains

4
Subdomains

4
IPs

1
Countries

78 kB
Transfer

771 kB
Size

0
Cookies

5 HTTP transactions
2 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!