urlscan.io logo urlscan.io
SecurityTrails logo

request-account-verification.glitch.me Open in urlscan Pro
34.228.91.241  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://request-account-verification.glitch.me/submit-form.php
Submission: On September 30 via manual from PL — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 4 HTTP transactions. The main IP is 34.228.91.241, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is request-account-verification.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 22nd 2023. Valid for: a year.
This is the only time request-account-verification.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
2 34.228.91.241 14618 (AMAZON-AES)
1 35.186.245.55 15169 (GOOGLE)
1 151.101.66.132 54113 (FASTLY)
4 3
Apex Domain
Subdomains		 Transfer
2 glitch.me
request-account-verification.glitch.me
5 KB
1 glitch.global
cdn.glitch.global — Cisco Umbrella Rank: 391200
7 KB
1 repl.co
violation--appeal-page.repl.co
40 KB
4 3
Domain Requested by
2 request-account-verification.glitch.me request-account-verification.glitch.me
1 cdn.glitch.global request-account-verification.glitch.me
1 violation--appeal-page.repl.co request-account-verification.glitch.me
4 3

This site contains no links.

Subject Issuer Validity Valid
glitch.com
Amazon RSA 2048 M01		 2023-02-22 -
2024-02-01		 a year crt.sh
repl.co
GTS CA 1P5		 2023-08-21 -
2023-11-19		 3 months crt.sh
cdn.glitch.global
R3		 2023-08-04 -
2023-11-02		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://request-account-verification.glitch.me/submit-form.php
Frame ID: 3D80F302DD073E41137C4930CCB3116E
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Restrictions Information

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Page Statistics

4
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

52 kB
Transfer

63 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

4 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request submit-form.php
request-account-verification.glitch.me/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://request-account-verification.glitch.me/submit-form.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.91.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-91-241.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
153b4a03a6a7ed8a99da4072c097f3a04e02586c2cee7fc685be0e5fab23d8fb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36
accept-language
pl-PL,pl;q=0.9

Response headers

content-encoding
gzip
content-length
3531
content-type
text/html; charset=UTF-8
date
Sat, 30 Sep 2023 23:56:43 GMT
server
Apache/2.4.18 (Ubuntu)
vary
Accept-Encoding
style.css
violation--appeal-page.repl.co/help/appeal/password/pass/ 		39 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://violation--appeal-page.repl.co/help/appeal/password/pass/style.css
Requested by
Host: request-account-verification.glitch.me
URL: https://request-account-verification.glitch.me/submit-form.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.245.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
55.245.186.35.bc.googleusercontent.com
Software
/
Resource Hash
c1cd63bbc4ccd6611d361a28ff04ee15469b67e231139813c2b664e26f0953d3
Security Headers
Name Value
Strict-Transport-Security max-age=4294342; includeSubDomains

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://request-account-verification.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 23:56:44 GMT
strict-transport-security
max-age=4294342; includeSubDomains
host
violation--appeal-page.repl.co
replit-cluster
global
expect-ct
max-age=2592000, report-uri="https://sentry.repl.it/api/10/security/?sentry_key=615192fd532445bfbbbe966cd7131791"
content-length
40424
content-type
text/css; charset=UTF-8
style1.css
request-account-verification.glitch.me/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://request-account-verification.glitch.me/style1.css
Requested by
Host: request-account-verification.glitch.me
URL: https://request-account-verification.glitch.me/submit-form.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.228.91.241 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-228-91-241.compute-1.amazonaws.com
Software
Apache/2.4.18 (Ubuntu) /
Resource Hash
e03ffeac4a8c76fc407678e52bc5deb4fe3d530d8be3b6e8984eac418723f6b8

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://request-account-verification.glitch.me/submit-form.php
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

date
Sat, 30 Sep 2023 23:56:43 GMT
content-encoding
gzip
last-modified
Sun, 17 Sep 2023 02:58:52 GMT
server
Apache/2.4.18 (Ubuntu)
etag
"2775-6058534a0b300-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1528
logo.png
cdn.glitch.global/95d9887f-2185-42c7-a188-6f3dd0cbab97/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.glitch.global/95d9887f-2185-42c7-a188-6f3dd0cbab97/logo.png?v=1695640834718
Requested by
Host: request-account-verification.glitch.me
URL: https://request-account-verification.glitch.me/submit-form.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
22101e9bb560e47d5bb4f1423f394921fcee2cc6a826baaa3fbc8570708d572c
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

accept-language
pl-PL,pl;q=0.9
Referer
https://request-account-verification.glitch.me/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.132 Safari/537.36

Response headers

content-security-policy
script-src 'none'
via
1.1 varnish, 1.1 varnish
date
Sat, 30 Sep 2023 23:56:44 GMT
x-amz-request-id
N7YTF6Q0ZNFXQK6E
age
477367
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
6546
x-amz-id-2
32n3IL4ynx9yfICW8Q1p0vmqyDxTTpjzueQfU+iFa14HRY7fhQEVsX5kBlZte7m4PPsQCx9MIYo=
x-served-by
cache-iad-kcgs7200048-IAD, cache-fra-eddf8230075-FRA
last-modified
Mon, 25 Sep 2023 11:20:35 GMT
server
AmazonS3
x-timer
S1696118204.050383,VS0,VE1
etag
"aecd12bde78eda424ad1dfc47cf76c83"
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
11, 1

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture string| tanggallengkap object| namahari object| namabulan object| tgl number| hari number| tanggal number| bulan number| tahun function| mousedwn

0 Cookies