fb-account-at-risk.glitch.me

Summary

This website contacted 2 IPs in 1 countries across 2 domains to perform 4 HTTP transactions. The main IP is 34.193.166.25, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is fb-account-at-risk.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time fb-account-at-risk.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
2	34.193.166.25 34.193.166.25	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
4	2

2 34.193.166.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-166-25.compute-1.amazonaws.com

fb-account-at-risk.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 218303	11 KB
2	glitch.me fb-account-at-risk.glitch.me	33 KB
4	2

	Domain	Requested by
2	cdn.glitch.global	fb-account-at-risk.glitch.me
2	fb-account-at-risk.glitch.me	fb-account-at-risk.glitch.me
4	2

This site contains links to these domains. Also see Links.

Domain
detailed-video-29b30.web.app

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
cdn.glitch.global R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://fb-account-at-risk.glitch.me/
Frame ID: 864791FD7F6156688203FFE9BD0FCBD4
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Request Form

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

44 kB
Transfer

42 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://detailed-video-29b30.web.app/detailed%20video.mp4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fb-account-at-risk.glitch.me/ 3 KB
3 KB 382ms
150ms Document
text/html 34.193.166.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fb-account-at-risk.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.166.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-166-25.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ead1c320417980cc3bd24086469e207e6677c7dd5b7ab7c64befce795bb361a0

Request headers

Accept-Language: de-AT,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 2825
content-type: text/html; charset=utf-8
date: Thu, 23 May 2024 09:56:14 GMT
etag: "1222c94133d04dd91246ed9d34f64917"
last-modified: Mon, 15 Apr 2024 12:26:06 GMT
server: AmazonS3
x-amz-id-2: fvrxALw6AEOyO6aqkkM4xhNTw8Fx60daKsJJxf3W4waJQPXrteQntlH1hxPkNRg1W6yE4FRsCb0=
x-amz-request-id: Q1ZK1F9NTFTGQ95R
x-amz-server-side-encryption: AES256
x-amz-version-id: .6iHo3aqRxKdz.MKAPbQUoGDmmRppjLp

GET
H2 200 style.css
fb-account-at-risk.glitch.me/ 30 KB
30 KB 247ms
246ms Stylesheet
text/css 34.193.166.25
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://fb-account-at-risk.glitch.me/style.css
Requested by: Host: fb-account-at-risk.glitch.me
URL: https://fb-account-at-risk.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.193.166.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-166-25.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 78bbd02a436df4f0d57da953adb31c563b2217c30f957775e2c64a89517e718f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fb-account-at-risk.glitch.me/
Accept-Language: de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 23 May 2024 09:56:14 GMT
x-amz-version-id: Fvk17OzvZtdxLp9RdfAV1aKchP6A9fFf
last-modified: Mon, 15 Apr 2024 12:26:06 GMT
server: AmazonS3
x-amz-request-id: Q1ZZA5Z93WMR5YKG
etag: "12faaa544fbcaadbd34fe6ef39e9a288"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 30215
x-amz-id-2: J7w+8yiNpPZc+OMWBCyG8aKDvg4mU7g3dTArRBE+5Rdnbz0c9wZMh4qNm7MwIBOAUVBj5QFEPXY=

GET
H2 200 meta-logo.png
cdn.glitch.global/26db6cad-21fa-4aee-9093-92af7de338e9/ 6 KB
6 KB 72ms
18ms Image
image/png 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/26db6cad-21fa-4aee-9093-92af7de338e9/meta-logo.png?v=1707682041784

Requested by

Host: fb-account-at-risk.glitch.me
URL: https://fb-account-at-risk.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

540d4ac3b3cdc5cf8c1d7a53998e0575439d4277232209570bc1b886b62f1155

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fb-account-at-risk.glitch.me/
Accept-Language: de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 May 2024 09:56:14 GMT
x-amz-request-id: PA0ZV7NYKK48V8NR
age: 1364453
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5891
x-amz-id-2: Bk3N+60L9s2rV/lEFMG8SdOAcRuep7A9Q/qqpliv5kZDIggrJXK2bj6Ol1Ca0eA0+L7QPhjGBCfjoSmzHp2IDwewZpsqRFaO2Qm5A+YlsUg=
x-served-by: cache-iad-kiad7000077-IAD, cache-vie6338-VIE
last-modified: Sun, 11 Feb 2024 20:07:22 GMT
server: AmazonS3
x-timer: S1716458175.509294,VS0,VE0
etag: "89f13a400337b02a7e619ad67bc1ef92"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 3028, 462

GET
H2 200 video-logo.jpg
cdn.glitch.global/26db6cad-21fa-4aee-9093-92af7de338e9/ 4 KB
4 KB 73ms
20ms Image
image/jpeg 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/26db6cad-21fa-4aee-9093-92af7de338e9/video-logo.jpg?v=1707684416461

Requested by

Host: fb-account-at-risk.glitch.me
URL: https://fb-account-at-risk.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 San Francisco, United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc59f3622770b4b99411b55860b6631dd3b75cb3c7ce090a014b4486ef1c13de

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fb-account-at-risk.glitch.me/
Accept-Language: de-AT,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Thu, 23 May 2024 09:56:14 GMT
x-amz-request-id: DEDKC8DH8GGX3P7D
age: 3083641
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 4294
x-amz-id-2: HGhzTR9eA3vUW2M2CoQB8j1ENtIaS7aeEb/Z4p7zgHma+qiSf8we8vfid5cWWbwxGIX+Q8iuGS8=
x-served-by: cache-iad-kiad7000174-IAD, cache-vie6338-VIE
last-modified: Sun, 11 Feb 2024 20:46:56 GMT
server: AmazonS3
x-timer: S1716458175.509284,VS0,VE1
etag: "11866df30cf7d0b1b4fd22c64bd29efd"
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 1810, 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.glitch.global
fb-account-at-risk.glitch.me
151.101.66.132
34.193.166.25
540d4ac3b3cdc5cf8c1d7a53998e0575439d4277232209570bc1b886b62f1155
78bbd02a436df4f0d57da953adb31c563b2217c30f957775e2c64a89517e718f
ead1c320417980cc3bd24086469e207e6677c7dd5b7ab7c64befce795bb361a0
fc59f3622770b4b99411b55860b6631dd3b75cb3c7ce090a014b4486ef1c13de

fb-account-at-risk.glitch.me Open in urlscan Pro 34.193.166.25 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

4 Requests

100 %HTTPS

0 %IPv6

2 Domains

2 Subdomains

2 IPs

1 Countries

44 kBTransfer

42 kBSize

0 Cookies

1 Outgoing links

Redirected requests

4 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

fb-account-at-risk.glitch.me Open in urlscan Pro
34.193.166.25 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

4
Requests

100 %
HTTPS

0 %
IPv6

2
Domains

2
Subdomains

2
IPs

1
Countries

44 kB
Transfer

42 kB
Size

0
Cookies

4 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!