omniscient-mahogany-path.glitch.me Open in urlscan Pro
54.152.166.72  Malicious Activity! Public Scan

2 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request / Show response omniscient-mahogany-path.glitch.me/	37 KB 38 KB	299ms 158ms	Document text/html	54.152.166.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://omniscient-mahogany-path.glitch.me/ Protocol HTTP/1.1 Server 54.152.166.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-152-166-72.compute-1.amazonaws.com Software AmazonS3 / Resource Hash 354cff7e9f3bebf88647c099a966b9a1f1727cf4e709177bb1728f2950b5c87f Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection keep-alive Content-Length 38274 Content-Type text/html; charset=utf-8 Date Thu, 10 Aug 2023 14:07:45 GMT accept-ranges bytes cache-control no-cache etag "cef11708dfe2f8bf453d28f64a275967" last-modified Wed, 09 Aug 2023 21:43:36 GMT server AmazonS3 x-amz-id-2 U0CcF5myVmSQfi2Ly/aoIrRNcMNxXg6vfIXsEtyMASs/QFJIsFVFYJbp+83tIfIOKe70tVDfoGU= x-amz-request-id 1NZH8D48G1HN2GF3 x-amz-server-side-encryption AES256 x-amz-version-id 8IQa81fB40ouDH3EwhJgFYcr12Zrlu6Q
GET H/1.1	404 Not Found	face.css omniscient-mahogany-path.glitch.me/	0 0	259ms 146ms	Stylesheet text/html	54.152.166.72 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL http://omniscient-mahogany-path.glitch.me/face.css Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol HTTP/1.1 Server 54.152.166.72 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-152-166-72.compute-1.amazonaws.com Software / Resource Hash Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Thu, 10 Aug 2023 14:07:45 GMT Cache-Control max-age=0 Connection keep-alive Content-Length 3672
GET H2	200	jquery-x.x.x.js Show response betsharesss.000webhostapp.com/	289 KB 101 KB	483ms 137ms	Script application/javascript	2a02:4780:dead:5375::1 AWEX
General Check archive.org Show headers Download Go to Full URL https://betsharesss.000webhostapp.com/jquery-x.x.x.js Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:4780:dead:5375::1 , United States, ASN204915 (AWEX, CY), Reverse DNS Software awex / Resource Hash 85e41607f9cfef0bc1be01467a8a9dcd4d8fb40ebc3b42184644ef8939d5dd1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:45 GMT content-encoding gzip x-content-type-options nosniff last-modified Thu, 03 Aug 2023 14:11:40 GMT server awex content-type application/javascript x-xss-protection 1; mode=block x-request-id f8ebee717f2e001f7e6c571aeb55d3dc
GET H2	200	all.css use.fontawesome.com/releases/v5.7.0/css/	53 KB 12 KB	131ms 47ms	Stylesheet text/css	2606:4700:e0::ac40:670b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://use.fontawesome.com/releases/v5.7.0/css/all.css Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:670b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae Request headers Referer http://omniscient-mahogany-path.glitch.me/ Origin http://omniscient-mahogany-path.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:45 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-request-id Z6MN5S0BMB4MENRY age 38743 alt-svc h3=":443"; ma=86400 x-amz-id-2 IWehktokFU5JKkXqVDHxAzLUv9QyfznuDdapjTGiWjOpWx282C2vejljmeXBaCTnko/BvMlNCnc= last-modified Wed, 30 Jun 2021 15:45:15 GMT server cloudflare etag W/"251d28bd755f5269a4531df8a81d5664" access-control-max-age 3000 vary Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding access-control-allow-methods GET access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZrtmYwl5ywZZKoaVu4kvgHyvqjlurnQlsc1AYLoJo7Lo4k4aC48m4RQKDFszhvuh6Fo9x43Pu6rc7x1PtFeFWPmweEBw4MoqY3thxM0C3R3vFNbw04OgEITUhZdnql2vR62DpN7tu5EN%2FokBKc8%2Fuaca"}],"group":"cf-nel","max_age":604800} content-type text/css cache-control max-age=31556926 cf-ray 7f48ce953a878fe2-FRA
GET H2	200	font-awesome.min.css cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/	30 KB 6 KB	128ms 44ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 7399633 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 5631 last-modified Mon, 04 May 2020 16:10:07 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e5f-7918" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQTscNQfRJLlKQm7X9LoQtq0lI2m7yENox2g7Q6dwYnrsK9V8HdvJ4Ahqdu8lS5KF8%2B9yno4KNOIimYORsz6BjohELAxkprYaFGOTVNDG8Ei5wWAVl%2BxVCIT2LwynMIubBPbGW2hiITd1I8tR43h1NsM"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f48ce953e969004-FRA expires Tue, 30 Jul 2024 14:07:45 GMT
GET H2	200	css fonts.googleapis.com/	2 KB 979 B	137ms 47ms	Stylesheet text/css	2a00:1450:4001:80e::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Thu, 10 Aug 2023 14:07:45 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Thu, 10 Aug 2023 12:19:38 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Thu, 10 Aug 2023 14:07:45 GMT
GET H2	200	5364c39526.js Show response kit.fontawesome.com/	11 KB 5 KB	260ms 173ms	Script text/javascript	2606:4700::6812:1734 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://kit.fontawesome.com/5364c39526.js Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 74c650cbd9c9d39071a391aa9f3b1758d9fdeeffb137ece56346816f57dd3561 Request headers Referer http://omniscient-mahogany-path.glitch.me/ Origin http://omniscient-mahogany-path.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:45 GMT content-encoding gzip cf-cache-status REVALIDATED server cloudflare vary origin, accept-encoding, access-control-request-headers, access-control-request-method access-control-max-age 3000 access-control-allow-methods GET, OPTIONS access-control-allow-origin * content-type text/javascript cache-control max-age=60, public, stale-while-revalidate=30 cf-ray 7f48ce9549382bba-FRA access-control-allow-headers accept, accept-langauge, content-language, content-type, fa-kit-token x-request-id F3nm00ETqf221p5HoOdC
GET H/1.1	200 OK	bootstrap.min.css netdna.bootstrapcdn.com/bootstrap/3.0.3/css/	97 KB 21 KB	100ms 51ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL http://netdna.bootstrapcdn.com/bootstrap/3.0.3/css/bootstrap.min.css Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol HTTP/1.1 Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Date Thu, 10 Aug 2023 14:07:45 GMT Content-Encoding gzip X-Content-Type-Options nosniff CF-Cache-Status HIT CDN-EdgeStorageId 894 Age 16447451 Transfer-Encoding chunked CDN-CachedAt 08/06/2022 22:42:41 CDN-PullZone 252412 cross-origin-resource-policy cross-origin Connection keep-alive alt-svc h3=":443"; ma=86400 Last-Modified Mon, 25 Jan 2021 22:03:56 GMT CDN-ProxyVer 1.02 CDN-RequestPullCode 200 Server cloudflare ETag W/"35fc838ce584c1eb81b3bebe245442d6" Vary Accept-Encoding Content-Type text/css; charset=utf-8 Access-Control-Allow-Origin * CDN-Cache HIT CDN-Uid b1941f61-b576-4f40-80de-5677acb38f74 Cache-Control public, max-age=31919000 CDN-RequestId aeb2a8386db1ad13dd7bbe454a2f1ae3 timing-allow-origin * CDN-RequestCountryCode US CDN-Status 200 CF-RAY 7f48ce950b28365f-FRA CDN-RequestPullSuccess True
GET H2	200	free.min.css Show response ka-f.fontawesome.com/releases/v6.4.2/css/	100 KB 23 KB	138ms 50ms	Fetch text/css	2606:4700:e2::ac40:8007 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=5364c39526 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5364c39526.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:46 GMT via 1.1 95adda0bdbd310a1a9e4f54f540543e2.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 50179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 01 Aug 2023 19:07:56 GMT server cloudflare etag W/"ae737a19e46fd502ba9cbe9e33213861" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EhDsgjgCmk3KuYopRh9kaOwhEpF%2BmfmSLgb%2BzHkMJZ25MGFV7E79KfXZQlSpBccq6NPIdz0hBB42Z7KvufwCboG8WUY4NX41QUHciZqIQtVm2No7cqtnKcekjtP1WjpTjRMXhD4EHdNuycFvm%2F9KHzbsTw%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f48ce9b0c27bbdd-FRA access-control-allow-headers fa-kit-token x-amz-cf-id rfUGqvRMMiLduhAtPol1_lIkxmqYXXEV7BY3qoUMyBW3cjcV91J3Xg==
GET H2	200	free-v4-shims.min.css Show response ka-f.fontawesome.com/releases/v6.4.2/css/	27 KB 5 KB	136ms 48ms	Fetch text/css	2606:4700:e2::ac40:8007 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=5364c39526 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5364c39526.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:46 GMT via 1.1 307a3e1075dd3d0976c64513a6ec3d74.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 50179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 01 Aug 2023 19:07:56 GMT server cloudflare etag W/"da06df503ced6ee507b5fb4fa0999f74" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DL5rNq47Gxj2UVXvq%2BNofNRNUrd9JnJ2UyJ5o%2B5JVk2ZlAMu4BQmHyDLGHCrfP7N02ucRsisIlzMkzydNvc7lw0Rjy3Xvj%2BKLYffvD8kizS2Pe6n4QeBM2ansjCXMWizGgW66g3lbQo1mRhD6zigQ98POg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f48ce9b0c28bbdd-FRA access-control-allow-headers fa-kit-token x-amz-cf-id F6T88WU1npSreQeGUgJTh-IbLqMmZtV88Qu0wrhJ0Q2BrGV2oQXEhg==
GET H2	200	free-v5-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.4.2/css/	823 B 721 B	146ms 58ms	Fetch text/css	2606:4700:e2::ac40:8007 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=5364c39526 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5364c39526.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:46 GMT via 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 50179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 01 Aug 2023 19:07:56 GMT server cloudflare etag W/"dbf296002d53e56d340b105d9d764940" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vgkxUhELYN5Y05Ai5KUhesqeUnLgI5ZPnDjZ8dESoykI4WyDAso9BSR%2BZsOk6FSPwMLY%2B6ABhgQkoL4Bj7RpMUcZsGLOAFJAvyYv7YLzNa8rMvuNwI%2BQiAbiSaFm9JraciKiUQn7My1WAUPDNwuuf2LUgg%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f48ce9b0c29bbdd-FRA access-control-allow-headers fa-kit-token x-amz-cf-id VgXqGOTa5HU8L8m-aThgDsiZlSCtJfWCO_ddtv0Z7hJxtXz5pkz4vQ==
GET H2	200	free-v4-font-face.min.css Show response ka-f.fontawesome.com/releases/v6.4.2/css/	2 KB 1 KB	135ms 48ms	Fetch text/css	2606:4700:e2::ac40:8007 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=5364c39526 Requested by Host: kit.fontawesome.com URL: https://kit.fontawesome.com/5364c39526.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:46 GMT via 1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront) content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 age 50179 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 last-modified Tue, 01 Aug 2023 19:07:56 GMT server cloudflare etag W/"9b853b50f37dd0ca770ce0f294d427df" access-control-max-age 3000 access-control-allow-methods GET content-type text/css access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z3o%2FuuCFRPbARnoQkKCx2l49PXKYo%2BfVPldQBAjTixT4IPuSawIILL5K7yp6zYJKkMCFL2QC0xZu41Z92A%2BXC1uxt00SCo3J%2BC2lakcqFtQ%2BXPYGE%2BS1q81z2Py1vtGvl9GiqD7tciFvFqRoZr6jfku1TQ%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding cf-ray 7f48ce9b0c2abbdd-FRA access-control-allow-headers fa-kit-token x-amz-cf-id rN2vLENVHu5FexnhgN6two7qjIsGhWdO_r0cab6RPf60cVnF6ALrrw==
GET DATA	200 OK	truncated /	11 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 651f8089835bc38b4d7a7ba7a858d89621080269a0ee207a033bab1efb035c24 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET DATA	200 OK	truncated /	9 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash bba16cb55bc6e6841d41d716c52f51f097f418ba2c9d5db94246a254db995145 Request headers accept-language de-DE,de;q=0.9 Referer http://omniscient-mahogany-path.glitch.me/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers Content-Type image/png
GET H2	200	KFOmCnqEu92Fr1Mu4mxK.woff2 fonts.gstatic.com/s/roboto/v30/	15 KB 16 KB	137ms 41ms	Font font/woff2	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin http://omniscient-mahogany-path.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Fri, 04 Aug 2023 04:06:52 GMT x-content-type-options nosniff age 554454 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15744 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:48 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 03 Aug 2024 04:06:52 GMT
GET H3	200	fontawesome-webfont.woff2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/	75 KB 76 KB	89ms 45ms	Font application/octet-stream	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 Requested by Host: cdnjs.cloudflare.com URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css Origin http://omniscient-mahogany-path.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:46 GMT strict-transport-security max-age=15780000 x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1279176 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 77160 last-modified Thu, 22 Jun 2023 11:02:18 GMT server cloudflare cf-cdnjs-via cfworker/r2 etag "64942a3a-12d68" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9K1nRX5ok%2BROn1bRhkb%2FWa%2FvxHacFfYAG3OTw%2FH1lRjobmbW3G154BfRj%2BnF04JqAwHCGUM6%2Fe9Hxm7o5kOj3nithCq1M4EKnPIsBT%2BIbb8cSvLam4FdGaWjfMmfOgSjtrW5wUvZXo0v0lvv2UDI8rW6"}],"group":"cf-nel","max_age":604800} content-type application/octet-stream; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 7f48ce9acc522c6f-FRA expires Tue, 30 Jul 2024 14:07:46 GMT
GET H2	200	free-fa-regular-400.woff2 ka-f.fontawesome.com/releases/v6.4.2/webfonts/	24 KB 24 KB	59ms 58ms	Font font/woff2	2606:4700:e2::ac40:8007 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ka-f.fontawesome.com/releases/v6.4.2/webfonts/free-fa-regular-400.woff2 Requested by Host: omniscient-mahogany-path.glitch.me URL: http://omniscient-mahogany-path.glitch.me/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e2::ac40:8007 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6fcf2a1cc0b01c13837cd5c8110ef9960ecdf7d45f37d2a4319b81eebd56db06 Request headers Referer http://omniscient-mahogany-path.glitch.me/ Origin http://omniscient-mahogany-path.glitch.me accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36 Response headers date Thu, 10 Aug 2023 14:07:46 GMT via 1.1 c1e2423613b2dcb4230386a2b285734e.cloudfront.net (CloudFront) cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-amz-cf-pop FRA56-C2 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront alt-svc h3=":443"; ma=86400 content-length 24464 last-modified Tue, 01 Aug 2023 19:25:32 GMT server cloudflare etag "e2b7a02eef2f9c93b609ba5831dc9b7f" access-control-max-age 3000 access-control-allow-methods GET content-type font/woff2 access-control-allow-origin * report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JIZks1bhaOn1s5rDwPl%2BSbUynpVlkJXapgNYbK6FdFmMVpvSFm0AZnc6ZruZs2Muc5b18isJsbMm5tRvozLwLE71H9%2FSzHce8hPDNm3qa7ygZIXBP6o3gzxnRGmpUAtkZf%2FQmKuK7OK8qEwFfeaPQPmx%2BA%3D%3D"}],"group":"cf-nel","max_age":604800} cache-control max-age=31556926 vary Accept-Encoding accept-ranges bytes cf-ray 7f48ce9b6c93bbdd-FRA access-control-allow-headers fa-kit-token x-amz-cf-id G1l_R2cid8USUYTR6U07Hto6wc3a67RjLEwnIK0VOxdq55voU-Soqw==

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| FontAwesomeKitConfig function| performAction

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://omniscient-mahogany-path.glitch.me/face.css Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

betsharesss.000webhostapp.com
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
ka-f.fontawesome.com
kit.fontawesome.com
netdna.bootstrapcdn.com
omniscient-mahogany-path.glitch.me
use.fontawesome.com
2606:4700::6811:190e
2606:4700::6812:1734
2606:4700::6812:acf
2606:4700:e0::ac40:670b
2606:4700:e2::ac40:8007
2a00:1450:4001:80e::200a
2a00:1450:4001:812::2003
2a02:4780:dead:5375::1
54.152.166.72
0e81443469aa4b967191ce19b7474eb223746a2b8d5dc42d3786da84d99dfad9
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554
289d25d68f730e581e0a16b8bee8f63a061717973f8ac8c29ccf2ba8fed15adf
354cff7e9f3bebf88647c099a966b9a1f1727cf4e709177bb1728f2950b5c87f
46a2de362f54e3c988cc8c9fbf68fe12018c8ae42fe11509a747f52f17834466
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223
651f8089835bc38b4d7a7ba7a858d89621080269a0ee207a033bab1efb035c24
6c58c4804370b9c347d517491c450416ca371fb1403aceaa1d6f751403b07c48
6fcf2a1cc0b01c13837cd5c8110ef9960ecdf7d45f37d2a4319b81eebd56db06
74c650cbd9c9d39071a391aa9f3b1758d9fdeeffb137ece56346816f57dd3561
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
85e41607f9cfef0bc1be01467a8a9dcd4d8fb40ebc3b42184644ef8939d5dd1e
afdc6bf2de981ffd7d370b76f44e7580572f197efbe214b9cfa4005d189d8eae
bba16cb55bc6e6841d41d716c52f51f097f418ba2c9d5db94246a254db995145
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615