submit-violation-form-15.glitch.me

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 34.195.35.45, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is submit-violation-form-15.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time submit-violation-form-15.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
2	34.195.35.45 34.195.35.45	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.2.132 151.101.2.132	54113 (FASTLY) (FASTLY)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
5	3

2 34.195.35.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-35-45.compute-1.amazonaws.com

submit-violation-form-15.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.2.132 (United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 216483	11 KB
2	glitch.me submit-violation-form-15.glitch.me	28 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3060	54 KB
5	3

	Domain	Requested by
2	cdn.glitch.global	submit-violation-form-15.glitch.me
2	submit-violation-form-15.glitch.me	submit-violation-form-15.glitch.me
1	upload.wikimedia.org
5	3

This site contains links to these domains. Also see Links.

Domain
detailed-video-29b30.web.app

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
cdn.glitch.global R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://submit-violation-form-15.glitch.me/
Frame ID: FB8377A7CF36E4D542FD5AA988925771
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Request Form

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

93 kB
Transfer

90 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://detailed-video-29b30.web.app/detailed%20video.mp4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
submit-violation-form-15.glitch.me/ 3 KB
3 KB 417ms
161ms Document
text/html 34.195.35.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://submit-violation-form-15.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.35.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-35-45.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 379f8b8c598783d82712753e05983baae06e101df74e038e11ea2b4766d4e93f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 2920
content-type: text/html; charset=utf-8
date: Sun, 14 Apr 2024 20:34:00 GMT
etag: "39921965df66395504c17b4ec9766420"
last-modified: Tue, 09 Apr 2024 07:23:19 GMT
server: AmazonS3
x-amz-id-2: AZKWYKTXyRqVv+KiLse1vXX2GP30dSg3Lk/meetC6dN8yOEMDcvxfvCOy/MmcL3LpS06emo+zsvulIrprCHjxeEB2KsLm/YB
x-amz-request-id: BMD0GNCH8R3HK28C
x-amz-server-side-encryption: AES256
x-amz-version-id: _.UgZkDWUXBjK1H7YxuBp9oAJx4TFOzB

GET
H2 200 style.css
submit-violation-form-15.glitch.me/ 24 KB
24 KB 175ms
175ms Stylesheet
text/css 34.195.35.45
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://submit-violation-form-15.glitch.me/style.css
Requested by: Host: submit-violation-form-15.glitch.me
URL: https://submit-violation-form-15.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.195.35.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-195-35-45.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ea26483bd7f9d0dd3624b29e6b36b499cd8414ae9e5cd2c3165523866129701

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-violation-form-15.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 20:34:00 GMT
x-amz-version-id: rr_7EnLtRFmnXRdZX6fMHkpTRfuaIPKq
last-modified: Tue, 09 Apr 2024 07:23:19 GMT
server: AmazonS3
x-amz-request-id: BMD2PKMDFX1WBXA7
etag: "f564d7659ab285b06ea58e27b74c4d58"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 24479
x-amz-id-2: n9n1BfAv7eZP17YOIjSZ86dD2QUY8yG6Mgcp5JRYpLHmmUIcjiqzgVlyOD7FbYgABX1mkiKiJdU=

GET
H2 200 meta-logo.png
cdn.glitch.global/3b9c0936-6e58-4ace-bab9-026d99a84875/ 6 KB
6 KB 137ms
41ms Image
image/png 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/3b9c0936-6e58-4ace-bab9-026d99a84875/meta-logo.png?v=1710497658529

Requested by

Host: submit-violation-form-15.glitch.me
URL: https://submit-violation-form-15.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

540d4ac3b3cdc5cf8c1d7a53998e0575439d4277232209570bc1b886b62f1155

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-violation-form-15.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Apr 2024 20:34:00 GMT
x-amz-request-id: RE25R3RX6V735SXT
age: 750592
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 5891
x-amz-id-2: 47+KRJ7CRzEYHbpXASa3qzglF5kZ45RSJ+kSIxX6Nrugt5fXbTvGzku/Bf9R86MHs1dcPc38LzM=
x-served-by: cache-iad-kiad7000136-IAD, cache-fra-etou8220039-FRA
last-modified: Fri, 15 Mar 2024 10:14:18 GMT
server: AmazonS3
x-timer: S1713126840.328089,VS0,VE1
etag: "89f13a400337b02a7e619ad67bc1ef92"
access-control-allow-methods: GET, HEAD, POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 33, 0

GET
H2 200 video-logo.jpg
cdn.glitch.global/3b9c0936-6e58-4ace-bab9-026d99a84875/ 4 KB
5 KB 135ms
39ms Image
image/jpeg 151.101.2.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/3b9c0936-6e58-4ace-bab9-026d99a84875/video-logo.jpg?v=1710497688611

Requested by

Host: submit-violation-form-15.glitch.me
URL: https://submit-violation-form-15.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc59f3622770b4b99411b55860b6631dd3b75cb3c7ce090a014b4486ef1c13de

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-violation-form-15.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Apr 2024 20:34:00 GMT
x-amz-request-id: N4YQTQ90SQTK6Y9R
age: 1524310
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 4294
x-amz-id-2: MN+91tJAg7z5Ze3LcXpRQ8g6O5B0WVQt7ZeMbjGiGJeJhZuIvDgiV/esYpw3/5hNkGx+82gHgOzUAQi9eO/9NA==
x-served-by: cache-iad-kcgs7200036-IAD, cache-fra-etou8220039-FRA
last-modified: Fri, 15 Mar 2024 10:14:49 GMT
server: AmazonS3
x-timer: S1713126840.328059,VS0,VE1
etag: "11866df30cf7d0b1b4fd22c64bd29efd"
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 32, 0

GET
H2 200 Facebook_Logo_2023.png
upload.wikimedia.org/wikipedia/commons/6/6c/ 53 KB
54 KB 174ms
83ms Other
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://upload.wikimedia.org/wikipedia/commons/6/6c/Facebook_Logo_2023.png

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

2adfd474d91fd20c51084309ed000c1ae6cc7f5f70af14d375930f5a71301308

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-violation-form-15.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 13 Apr 2024 21:51:27 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 81753
x-cache-status: hit-front
x-cache: cp3079 hit, cp3079 hit/127
server-timing: cache;desc="hit-front", host;desc="cp3079"
content-length: 54771
x-client-ip: 2a01:4a0:1338:92::4
x-object-meta-sha1base36: khqfbdm55vq0s0y0eqr5onb4hjn6qc9
last-modified: Wed, 11 Oct 2023 12:15:27 GMT
server: ATS/9.1.4
etag: e4da23704f27c9df07e6c21a13e28bfd
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.glitch.global
submit-violation-form-15.glitch.me
upload.wikimedia.org
151.101.2.132
2a02:ec80:300:ed1a::2:b
34.195.35.45
2adfd474d91fd20c51084309ed000c1ae6cc7f5f70af14d375930f5a71301308
2ea26483bd7f9d0dd3624b29e6b36b499cd8414ae9e5cd2c3165523866129701
379f8b8c598783d82712753e05983baae06e101df74e038e11ea2b4766d4e93f
540d4ac3b3cdc5cf8c1d7a53998e0575439d4277232209570bc1b886b62f1155
fc59f3622770b4b99411b55860b6631dd3b75cb3c7ce090a014b4486ef1c13de

submit-violation-form-15.glitch.me Open in urlscan Pro 34.195.35.45 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

93 kBTransfer

90 kBSize

0 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

submit-violation-form-15.glitch.me Open in urlscan Pro
34.195.35.45 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

93 kB
Transfer

90 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!