allamericanfire.s3.us-east-005.backblazeb2.com Open in urlscan Pro
149.137.137.254 Malicious Activity! Private Scan

Go To Rescan
Add Verdict Report

URL:
https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Submission: On October 06 via api (October 6th 2023, 5:26:58 pm UTC) from DE — Scanned from US

Summary HTTP 17 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 1 countries across 11 domains to perform 17 HTTP transactions. The main IP is 149.137.137.254, located in United States and belongs to BACKBLAZE, US. The main domain is allamericanfire.s3.us-east-005.backblazeb2.com.
TLS certificate: Issued by R3 on July 25th 2023. Valid for: 3 months.

This is the only time allamericanfire.s3.us-east-005.backblazeb2.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: OneDrive (Online) Generic Email (Online) Generic (Online)

Domain & IP information

	IP Address	AS Autonomous System
1	149.137.137.254 149.137.137.254	40401 (BACKBLAZE) (BACKBLAZE)
1	2607:f8b0:400... 2607:f8b0:4004:c07::5f	15169 (GOOGLE) (GOOGLE)
2	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.238.62.92 34.238.62.92	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.130.132 151.101.130.132	54113 (FASTLY) (FASTLY)
6	13.224.214.127 13.224.214.127	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:440... 2606:4700:4400::6812:208a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.194.8.143 104.194.8.143	23470 (RELIABLESITE) (RELIABLESITE)
3 3	13.224.214.31 13.224.214.31	16509 (AMAZON-02) (AMAZON-02)
1	2620:0:860:ed... 2620:0:860:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
17	10

1 149.137.137.254 (United States)

ASN40401 (BACKBLAZE, US)
PTR: s3.us-east-005.backblazeb2.com

allamericanfire.s3.us-east-005.backblazeb2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4004:c07::5f (Washington, United States)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.62.92 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-62-92.compute-1.amazonaws.com

www.umassd.edu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.130.132 (United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.224.214.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-127.phl50.r.cloudfront.net

cdn.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:208a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn2.downdetector.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.194.8.143 (Los Angeles, United States)

ASN23470 (RELIABLESITE, US)

i.ibb.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.214.31 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-214-31.phl50.r.cloudfront.net

cdn.glitch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:0:860:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	glitch.me cdn.glitch.me — Cisco Umbrella Rank: 71658	794 KB
3	glitch.com 3 redirects cdn.glitch.com — Cisco Umbrella Rank: 79831	1 KB
2	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 216640	27 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 925	108 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3099	66 KB
1	ibb.co i.ibb.co — Cisco Umbrella Rank: 10991	35 KB
1	downdetector.com cdn2.downdetector.com — Cisco Umbrella Rank: 133306	18 KB
1	umassd.edu www.umassd.edu — Cisco Umbrella Rank: 713381	25 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 250	7 KB
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 405	30 KB
1	backblazeb2.com allamericanfire.s3.us-east-005.backblazeb2.com	30 KB
17	11

	Domain	Requested by
6	cdn.glitch.me	allamericanfire.s3.us-east-005.backblazeb2.com
3	cdn.glitch.com	3 redirects
2	cdn.glitch.global	allamericanfire.s3.us-east-005.backblazeb2.com
2	code.jquery.com	allamericanfire.s3.us-east-005.backblazeb2.com
1	upload.wikimedia.org	allamericanfire.s3.us-east-005.backblazeb2.com
1	i.ibb.co	allamericanfire.s3.us-east-005.backblazeb2.com
1	cdn2.downdetector.com	allamericanfire.s3.us-east-005.backblazeb2.com
1	www.umassd.edu	allamericanfire.s3.us-east-005.backblazeb2.com
1	cdnjs.cloudflare.com	allamericanfire.s3.us-east-005.backblazeb2.com
1	ajax.googleapis.com	allamericanfire.s3.us-east-005.backblazeb2.com
1	allamericanfire.s3.us-east-005.backblazeb2.com
17	11

This site contains no links.

Subject Issuer	Validity	Valid
backblazeb2.com R3	`2023-07-25` - `2023-10-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.umassd.edu InCommon RSA Server CA	`2022-10-07` - `2023-10-07`	a year	crt.sh
cdn.glitch.global R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
glitch.com Amazon RSA 2048 M01	`2023-02-22` - `2024-02-01`	a year	crt.sh
ibb.co R3	`2023-08-10` - `2023-11-08`	3 months	crt.sh
*.wikipedia.org R3	`2023-08-22` - `2023-11-20`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Frame ID: 8EB7D3E05DBECCED5A589498265A3006
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OneDrive Business File

Detected technologies

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

17
Requests

82 %
HTTPS

45 %
IPv6

11
Domains

11
Subdomains

10
IPs

1
Countries

1141 kB
Transfer

8943 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png HTTP 301
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png

Request Chain 12

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png HTTP 301
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png

Request Chain 13

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png HTTP 301
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png

17 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200 Primary Request view.html Show response
allamericanfire.s3.us-east-005.backblazeb2.com/ 30 KB
30 KB 421ms
292ms Document
text/html 149.137.137.254
BACKBLAZE

General

Check archive.org

Show headers Download Go to

Full URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 149.137.137.254 , United States, ASN40401 (BACKBLAZE, US),
Reverse DNS: s3.us-east-005.backblazeb2.com
Software: /
Resource Hash: a8da46efb9885a333c79db98acc8804ff79e7dce5239146a26aaec60b1f9ac35

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 30247
Content-Type: text/html
Date: Fri, 06 Oct 2023 17:26:52 GMT
ETag: "e1164b2973cfba29cc21dfc4804b8cf3"
Keep-Alive: timeout=5
Last-Modified: Fri, 06 Oct 2023 14:39:36 GMT
x-amz-id-2: aMw5htzdcYvg5mWV5ZPM53jj1MOw2tmHl
x-amz-meta-src_last_modified_millis: 1696337498872
x-amz-request-id: 57c50431092c6b99
x-amz-version-id: 4_z93ca87db69de0d5988b0061a_f110f23dba2fc5230_d20231006_m143936_c005_v0501010_t0056_u01696603176947

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.4/ 84 KB
30 KB 175ms
53ms Script
text/javascript 2607:f8b0:4004:c07::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c07::5f Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 08:12:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 206066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30028
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 03 Oct 2024 08:12:27 GMT

GET
H2 200 jquery-3.1.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 101ms
27ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.1.min.js
Requested by: Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:26:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1812612
x-cache: HIT, HIT
content-length: 30070
x-served-by: cache-lga21947-LGA, cache-mia-kmia1760076-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696613213.149645,VS0,VE0
etag: W/"28feccc0-152b5"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 73, 14661

GET
H2 200 jquery-3.3.1.js Show response
code.jquery.com/ 265 KB
79 KB 101ms
28ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.js
Requested by: Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad

Request headers

Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
Origin: https://allamericanfire.s3.us-east-005.backblazeb2.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:26:53 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1812563
x-cache: HIT, HIT
content-length: 80268
x-served-by: cache-lga21980-LGA, cache-mia-kmia1760027-MIA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1696613213.150791,VS0,VE0
etag: W/"28feccc0-42587"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 42, 15475

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ 19 KB
7 KB 109ms
35ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
Origin: https://allamericanfire.s3.us-east-005.backblazeb2.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:26:53 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1926804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6157
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4af4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3nPoDXuC83rFFQQmLxayIRCcah36F4uyo8Ab4FVAu0gCWIlNSefWhuauNFtIiccE8fTbTl%2BlLywQqlzZYUleU%2FgILpq8QfwIkFoFHZkhTze%2FWtOBlcSV6MKyQGypeEXxpjFf5ECkrOS37qlBTKJH5Q3K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 811f9ca62e170a0e-MIA
expires: Wed, 25 Sep 2024 17:26:53 GMT

GET
H2 200 OneDrive-Logo-1600x400.png
www.umassd.edu/media/umassdartmouth/cits/images/ 25 KB
25 KB 252ms
119ms Image
image/png 34.238.62.92
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.umassd.edu/media/umassdartmouth/cits/images/OneDrive-Logo-1600x400.png
Requested by: Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.62.92 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-62-92.compute-1.amazonaws.com
Software: Apache /
Resource Hash: e68e39c2c6c68d87629f4c1c1dbcec7b84be93c9dddac4b98828b955e59bb967

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:26:53 GMT
last-modified: Thu, 16 Feb 2023 02:35:57 GMT
server: Apache
etag: "62f3-5f4c80e8428a0"
vary: User-Agent
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25331
expires: Sat, 05 Oct 2024 17:26:53 GMT

GET
H2 200 onedrive-white.png
cdn.glitch.global/40e783f7-5e41-4d58-bd89-3dba9bc66481/ 27 KB
27 KB 93ms
30ms Image
image/png 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/40e783f7-5e41-4d58-bd89-3dba9bc66481/onedrive-white.png?v=1690171539325

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

94f584a17bcf5868513c7e0b8a7085df161aac6fc6deef8907d1579ed8312899

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Fri, 06 Oct 2023 17:26:53 GMT
x-amz-request-id: 3H4F49PVRRNB7E4W
age: 2598208
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 27264
x-amz-id-2: Dh6KZgyDCX7O3dLse5YfpuC9pFYZ2ctfYkoadQ6EmrLEu0k0bf3XBAU0utTrp2oKIcK6X5N7aPw=
x-served-by: cache-iad-kiad7000053-IAD, cache-mia-kmia1760090-MIA
last-modified: Mon, 24 Jul 2023 04:05:40 GMT
server: AmazonS3
x-timer: S1696613213.374074,VS0,VE2
etag: "e12869e88698a7ccdef897c661e3729b"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 313, 1

GET
H/1.1 200
OK office3651.png
cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/ 18 KB
18 KB 208ms
69ms Image
image/png 13.224.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/office3651.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-127.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 17:22:10 GMT
Via: 1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 03 Jan 2022 13:53:20 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 518684
ETag: "a5cdadd60382e9ae6228121542eb1c2a"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 18147
X-Amz-Cf-Id: VD2YqUXhs43nzxvY3fxDea5g14fIeUcsAJsfzQ-f5CAbXNbBDO6JHg==

GET
H/1.1 200
OK outlook.png
cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/ 34 KB
34 KB 208ms
69ms Image
image/png 13.224.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/outlook.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-127.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Mon, 25 Sep 2023 11:54:28 GMT
Via: 1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 03 Jan 2022 13:54:21 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 970346
ETag: "a3cdfeaf028cf60d90337ce4bb1b632f"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 34316
X-Amz-Cf-Id: _y1tHS0JQckLGvdfkXxla0mBVw1HcY12alM4bkPMww6RRAKeYhKtSQ==

GET
H/1.1 200
OK other1.png
cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/ 21 KB
22 KB 207ms
68ms Image
image/png 13.224.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/a9c17eb8-a395-4f7a-ba3f-0e2fc9fb1237/other1.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.224.214.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-127.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sat, 30 Sep 2023 17:22:10 GMT
Via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 03 Jan 2022 13:54:16 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 518684
ETag: "6843a244e12fab158aa189680b5e7049"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 21882
X-Amz-Cf-Id: TBlBonM5ZTB6PHSyODD6W9SJ-w-ElvZ_1TC4D-0zlPskZ5oK4bvI3Q==

GET
H2 200 aol.png
cdn2.downdetector.com/static/uploads/logo/ 17 KB
18 KB 107ms
40ms Image
image/png 2606:4700:4400::6812:208a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn2.downdetector.com/static/uploads/logo/aol.png
Requested by: Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:208a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a9935d6d50e144151e34c0b42b5222853231ee05f51533cc8f1de146e275f8d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:26:53 GMT
x-amz-version-id: null
via: 1.1 7872759f444227d49f2a8c400db3486e.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-amz-cf-pop: MIA3-P2
age: 99926
x-cache: Hit from cloudfront
content-length: 17665
last-modified: Tue, 22 Mar 2022 18:42:42 GMT
server: cloudflare
etag: "7c7cf7681aee5e76ca1a7dbf2ec7c318"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 811f9ca7ec0cdb01-MIA
x-amz-cf-id: hjBoYDEFCzsIYbcVlAiliLiAWrjOpLayBBz_MEJllk_xaJXIvUPE_g==
expires: Sat, 05 Oct 2024 17:26:53 GMT

GET
H2 200 454-4543132-yahoo-black-yahoo-mail-icon-black.jpg
i.ibb.co/TTkHxsQ/ 35 KB
35 KB 254ms
86ms Image
image/jpeg 104.194.8.143
RELIABLESITE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://i.ibb.co/TTkHxsQ/454-4543132-yahoo-black-yahoo-mail-icon-black.jpg
Requested by: Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.194.8.143 Los Angeles, United States, ASN23470 (RELIABLESITE, US),
Reverse DNS
Software: nginx /
Resource Hash: 4ae56ccde7c68a5338111aed732ead19b449c2aecbc2e94a374e0dbacbcfdc35

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 17:26:53 GMT
last-modified: Thu, 20 Jul 2023 11:36:57 GMT
server: nginx
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 35832
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png

63 KB
63 KB

85ms
73ms

Image
image/png

13.224.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

HTTP/1.1

Server

13.224.214.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-127.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

0c1ebf2bbc55550d5f3c379f178f308a1d45e4e885a623a118d3689b1be6c704

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 01 Oct 2023 22:37:25 GMT
Via: 1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 23 Aug 2021 11:51:07 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 413369
ETag: "ada6a19789e5c72533c9872541ba42a6"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 64019
X-Amz-Cf-Id: bbr-yScD75IKwVBGPSY7VHYS-gi2Aopgem5dO0HZRuMcw72WzdAc7g==

Redirect headers

Date: Fri, 06 Oct 2023 13:12:38 GMT
Via: 1.1 3a9f76e15ac64134cc339fc4f9fb6a4c.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 15256
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foffice1.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: zMKXFX9syZ8Mf9h2oB9SpOVK0IhFCC-TBAS9hHAFVOb6mCqkBj1ANQ==

GET
H/1.1

200
OK

6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png

90 KB
91 KB

86ms
74ms

Image
image/png

13.224.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

HTTP/1.1

Server

13.224.214.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-127.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

807f4bfba1a94d05c689db0713885aa5db3b5c5d1e08fa8dafb84974a3f92bf8

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 01 Oct 2023 22:39:02 GMT
Via: 1.1 f44c8fed96046735d6f7ada758945c4e.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 23 Aug 2021 11:51:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 413271
ETag: "ebc120f9e4f1a0d91e21dafd5d6d7265"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 92621
X-Amz-Cf-Id: uM2GyniEOfSrVJ2-0oh_4jIpSUR1s_9QTPqqRvDQmI7lI_AdYuTo9w==

Redirect headers

Date: Fri, 06 Oct 2023 00:29:41 GMT
Via: 1.1 c8e0acf79809da404c9ef6a70cdd4fde.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 61033
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Foutlook2.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: lQeNslX2rK91UIrOOoat1_b8dmAv-7-tidf_lUVBNSfz07SYTxHl7A==

GET
H/1.1

200
OK

6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png
cdn.glitch.me/
Redirect Chain

https://cdn.glitch.com/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png
https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png

565 KB
565 KB

87ms
71ms

Image
image/png

13.224.214.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

HTTP/1.1

Server

13.224.214.127 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-214-127.phl50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

86b84a5512c4a5d4af354ca4978a018f17472e301b4ba7e86a178cdacb709bf3

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Date: Sun, 01 Oct 2023 22:42:16 GMT
Via: 1.1 cf426d8f6e10e609055662f292295434.cloudfront.net (CloudFront)
Content-Security-Policy: script-src 'none'
Last-Modified: Mon, 23 Aug 2021 11:51:10 GMT
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 413078
ETag: "b291bda6b904cd07b552b3ce84266143"
Vary: Origin
X-Cache: Hit from cloudfront
Content-Type: image/png
Cache-Control: max-age=31536000
Connection: keep-alive
Content-Length: 578451
X-Amz-Cf-Id: 29IEkYBNfIaqgJYbOVgGDmMTUD2SvmpDsXQPjkPW_UC5DHi2H1Cc0g==

Redirect headers

Date: Fri, 06 Oct 2023 12:22:41 GMT
Via: 1.1 fadedfea448fa31cb8aba15ba1b05064.cloudfront.net (CloudFront)
Server: AmazonS3
X-Amz-Cf-Pop: PHL50-C1
Age: 18253
Vary: Origin
X-Cache: Hit from cloudfront
Location: https://cdn.glitch.me/6ca72b66-8609-4328-9f2e-521097041961%2Fothers2.png
Connection: keep-alive
Content-Length: 0
X-Amz-Cf-Id: bygxpV0Cah34soAZU2Lhp9JLxFFGenmMEfSZhAUJpXQjpEmFTC17sQ==

GET
H2 200 2560px-Yahoo%21_%282019%29.svg.png
upload.wikimedia.org/wikipedia/commons/thumb/3/3a/Yahoo%21_%282019%29.svg/ 66 KB
66 KB 322ms
133ms Image
image/png 2620:0:860:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://upload.wikimedia.org/wikipedia/commons/thumb/3/3a/Yahoo%21_%282019%29.svg/2560px-Yahoo%21_%282019%29.svg.png

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2620:0:860:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

f8b9a101a5414bf92e9184b6ca7d948505c7ff24b130f70ea45eb31dbeb92bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 06 Oct 2023 14:30:33 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 10579
x-cache-status: hit-front
x-cache: cp2034 hit, cp2038 hit/2
content-disposition: inline;filename*=UTF-8''Yahoo%21_%282019%29.svg.png
server-timing: cache;desc="hit-front", host;desc="cp2038"
content-length: 67162
x-client-ip: 2001:550:1d05:1::9
last-modified: Tue, 08 Mar 2022 08:34:13 GMT
server: ATS/9.1.4
etag: 74e74876347a17d4725a8f91d8cf4387
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

GET
H2 206 video.mp4
cdn.glitch.global/8d5109a6-1873-4f95-9253-bd838b3669c7/ 7 MB
0 37ms
36ms Media
video/mp4 151.101.130.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.glitch.global/8d5109a6-1873-4f95-9253-bd838b3669c7/video.mp4

Requested by

Host: allamericanfire.s3.us-east-005.backblazeb2.com
URL: https://allamericanfire.s3.us-east-005.backblazeb2.com/view.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

Referer: https://allamericanfire.s3.us-east-005.backblazeb2.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
Range: bytes=0-

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Fri, 06 Oct 2023 17:26:53 GMT
x-amz-request-id: RBAD36K10AAQMKVD
age: 469452
x-cache: HIT, HIT
Content-Range: bytes 0-20737963/20737964
Content-Length: 20737964
x-amz-id-2: 1jJKeof52x8iNunl4s1k0rXzBmHKpWta1fTI7sppKVdcNSruMM5Wb69xHZtRf8IuFFnUS9l0Q8w=
x-served-by: cache-iad-kiad7000062-IAD, cache-mia-kmia1760090-MIA
last-modified: Mon, 04 Apr 2022 12:42:29 GMT
server: AmazonS3
x-timer: S1696613213.375262,VS0,VE1
etag: "710095c093f6424f5bad42c310538527"
access-control-allow-methods: GET, HEAD, POST
content-type: video/mp4
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 282, 0

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: OneDrive (Online) Generic Email (Online) Generic (Online)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Popper

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.downdetector.com/	1970-01-20 15:16:55	Name: __cf_bm Value: Tig651yGzBEZkJAjawy6Rv_XXwPSmMHUj0gSinmIm3M-1696613213-0-AZ1JTX1jsdaEvnzuUO8bFkzYD42A+Ge+Z4U1/ocpFstZ/lGnxtqLeW3dNZRUFQJk014ZvXKZl9jDmfHMqm9uDt0=
			www.umassd.edu/	1970-01-20 15:26:58	Name: AWSALBCORS Value: UvIFzu+dqiBzoHdm09ElXD9gUHfXi3i+bog+aZZIQLooPu7WstdT3DZkP/Drqp3wf0RLG1xSYkdfPIdJzlu6emCNSIXdnd0c5lpyWwNK3IqRu6GiyFzvCRaJwx8C

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
allamericanfire.s3.us-east-005.backblazeb2.com
cdn.glitch.com
cdn.glitch.global
cdn.glitch.me
cdn2.downdetector.com
cdnjs.cloudflare.com
code.jquery.com
i.ibb.co
upload.wikimedia.org
www.umassd.edu
104.194.8.143
13.224.214.127
13.224.214.31
149.137.137.254
151.101.130.132
2606:4700:4400::6812:208a
2606:4700::6811:190e
2607:f8b0:4004:c07::5f
2620:0:860:ed1a::2:b
2a04:4e42:600::649
34.238.62.92
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0c1ebf2bbc55550d5f3c379f178f308a1d45e4e885a623a118d3689b1be6c704
2f128c34e99f47c352178964fc87af68352b7395984d68313bba7a5b2647abaa
3a9b144d6482b78afc4e0a940a1d3c22240f14fa535b808cf4dab9635339569f
4ae56ccde7c68a5338111aed732ead19b449c2aecbc2e94a374e0dbacbcfdc35
6a9935d6d50e144151e34c0b42b5222853231ee05f51533cc8f1de146e275f8d
71e729939e175f4ae9d3fcc645d6b7389ec341a47a84950e047197331fdc22f1
807f4bfba1a94d05c689db0713885aa5db3b5c5d1e08fa8dafb84974a3f92bf8
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
86b84a5512c4a5d4af354ca4978a018f17472e301b4ba7e86a178cdacb709bf3
94f584a17bcf5868513c7e0b8a7085df161aac6fc6deef8907d1579ed8312899
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a8da46efb9885a333c79db98acc8804ff79e7dce5239146a26aaec60b1f9ac35
d8aa24ecc6cecb1a60515bc093f1c9da38a0392612d9ab8ae0f7f36e6eee1fad
e68e39c2c6c68d87629f4c1c1dbcec7b84be93c9dddac4b98828b955e59bb967
f8b9a101a5414bf92e9184b6ca7d948505c7ff24b130f70ea45eb31dbeb92bda

allamericanfire.s3.us-east-005.backblazeb2.com Open in urlscan Pro 149.137.137.254 Malicious Activity! Private Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

17 Requests

82 %HTTPS

45 %IPv6

11 Domains

11 Subdomains

10 IPs

1 Countries

1141 kBTransfer

8943 kBSize

2 Cookies

0 Outgoing links

Redirected requests

17 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

2 Cookies

Indicators

allamericanfire.s3.us-east-005.backblazeb2.com Open in urlscan Pro
149.137.137.254 Malicious Activity! Private Scan

Screenshot
Live screenshot

Full Image

17
Requests

82 %
HTTPS

45 %
IPv6

11
Domains

11
Subdomains

10
IPs

1
Countries

1141 kB
Transfer

8943 kB
Size

2
Cookies

17 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!