submit---review.glitch.me

Summary

This website contacted 3 IPs in 1 countries across 3 domains to perform 5 HTTP transactions. The main IP is 34.202.147.151, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is submit---review.glitch.me.
TLS certificate: Issued by Amazon RSA 2048 M03 on December 4th 2023. Valid for: a year.

This is the only time submit---review.glitch.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
2	34.202.147.151 34.202.147.151	14618 (AMAZON-AES) (AMAZON-AES)
2	151.101.194.132 151.101.194.132	54113 (FASTLY) (FASTLY)
1	2a02:ec80:300... 2a02:ec80:300:ed1a::2:b	14907 (WIKIMEDIA) (WIKIMEDIA)
5	3

2 34.202.147.151 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-147-151.compute-1.amazonaws.com

submit---review.glitch.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.194.132 (United States)

ASN54113 (FASTLY, US)

cdn.glitch.global	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:ec80:300:ed1a::2:b (United States)

ASN14907 (WIKIMEDIA, US)

upload.wikimedia.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	glitch.global cdn.glitch.global — Cisco Umbrella Rank: 216483	17 KB
2	glitch.me submit---review.glitch.me	28 KB
1	wikimedia.org upload.wikimedia.org — Cisco Umbrella Rank: 3060	54 KB
5	3

	Domain	Requested by
2	cdn.glitch.global	submit---review.glitch.me
2	submit---review.glitch.me	submit---review.glitch.me
1	upload.wikimedia.org
5	3

This site contains links to these domains. Also see Links.

Domain
detailed-video-29b30.web.app

Subject Issuer	Validity	Valid
glitch.com Amazon RSA 2048 M03	`2023-12-04` - `2025-01-01`	a year	crt.sh
cdn.glitch.global R3	`2024-03-31` - `2024-06-29`	3 months	crt.sh
*.wikipedia.org DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-10-18` - `2024-10-16`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://submit---review.glitch.me/
Frame ID: 6D3349D6AD38912101844F02A7684CDE
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Request Form

Page Statistics

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

99 kB
Transfer

97 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://detailed-video-29b30.web.app/detailed%20video.mp4

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
submit---review.glitch.me/ 3 KB
3 KB 410ms
156ms Document
text/html 34.202.147.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://submit---review.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.147.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-147-151.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9b4f73bc4709382cc151f4e0365b64679066f4ea4b5a86414f3fddd3f728cdb9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
cache-control: no-cache
content-length: 3063
content-type: text/html; charset=utf-8
date: Sun, 14 Apr 2024 20:34:04 GMT
etag: "58ef5ec1ea6366dd8b3f3bbe96667691"
last-modified: Sun, 07 Apr 2024 16:25:36 GMT
server: AmazonS3
x-amz-id-2: 5kRRa0Dhp3pPn1If2xvi0JPklXUvhFvRukbjlo4lqGXLMQ/vKFtQHt7QoudZMcDWFvdjhusmbxg=
x-amz-request-id: WFE89G0GB50FPR1E
x-amz-server-side-encryption: AES256
x-amz-version-id: 5YLJgf4eQcmE9bLJU6bm5E3onrCh8Co7

GET
H2 200 style.css
submit---review.glitch.me/ 24 KB
24 KB 156ms
156ms Stylesheet
text/css 34.202.147.151
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://submit---review.glitch.me/style.css
Requested by: Host: submit---review.glitch.me
URL: https://submit---review.glitch.me/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.147.151 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-147-151.compute-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2ea26483bd7f9d0dd3624b29e6b36b499cd8414ae9e5cd2c3165523866129701

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit---review.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 20:34:04 GMT
x-amz-version-id: SRTKM6KXB557TQgIdCL4e9Cv4H_9mbVE
last-modified: Sun, 07 Apr 2024 16:25:36 GMT
server: AmazonS3
x-amz-request-id: WFECNG2Z83N1B7YA
etag: "f564d7659ab285b06ea58e27b74c4d58"
x-amz-server-side-encryption: AES256
content-type: text/css; charset=utf-8
cache-control: no-cache
accept-ranges: bytes
content-length: 24479
x-amz-id-2: 8evwyxWYq+V2olW0Pzf1gla54lBA/vuiO1alL0OFjBpJIJH93cykRVKrCtbvP55Hj5GMHwSXvsg=

GET
H2 200 IMG_20240316_125232.jpg
cdn.glitch.global/0c92fe91-f6a5-4eb7-85f9-57f29912d3f4/ 12 KB
13 KB 121ms
41ms Image
image/jpeg 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/0c92fe91-f6a5-4eb7-85f9-57f29912d3f4/IMG_20240316_125232.jpg?v=1710575596406

Requested by

Host: submit---review.glitch.me
URL: https://submit---review.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

83cdef6fb443c85a249211df67b2ac4c7a1f90ccdd81b5c38117798f58132063

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit---review.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Apr 2024 20:34:04 GMT
x-amz-request-id: T7FAMW26DN046PBX
age: 968920
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 12724
x-amz-id-2: 4s7FF4+fye1VQce09EbI1ZvA1NdEVDYbOlzmmNcJffBAWW1Ey+RPJsqwcwLtawqiakLnwJtm6r71VA2cp/ScE70KkRY5TtrTV9rfFdVZpqI=
x-served-by: cache-iad-kjyo7100145-IAD, cache-fra-etou8220063-FRA
last-modified: Sat, 16 Mar 2024 07:53:17 GMT
server: AmazonS3
x-timer: S1713126845.975199,VS0,VE1
etag: "d1064fbad13f0250dc186edf6d5017c8"
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 5, 0

GET
H2 200 video-logo.jpg
cdn.glitch.global/3b9c0936-6e58-4ace-bab9-026d99a84875/ 4 KB
5 KB 119ms
39ms Image
image/jpeg 151.101.194.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.glitch.global/3b9c0936-6e58-4ace-bab9-026d99a84875/video-logo.jpg?v=1710497688611

Requested by

Host: submit---review.glitch.me
URL: https://submit---review.glitch.me/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

151.101.194.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

fc59f3622770b4b99411b55860b6631dd3b75cb3c7ce090a014b4486ef1c13de

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit---review.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: script-src 'none'
via: 1.1 varnish, 1.1 varnish
date: Sun, 14 Apr 2024 20:34:04 GMT
x-amz-request-id: N4YQTQ90SQTK6Y9R
age: 1524314
x-amz-server-side-encryption: AES256
x-cache: HIT, HIT
content-length: 4294
x-amz-id-2: MN+91tJAg7z5Ze3LcXpRQ8g6O5B0WVQt7ZeMbjGiGJeJhZuIvDgiV/esYpw3/5hNkGx+82gHgOzUAQi9eO/9NA==
x-served-by: cache-iad-kcgs7200036-IAD, cache-fra-etou8220063-FRA
last-modified: Fri, 15 Mar 2024 10:14:49 GMT
server: AmazonS3
x-timer: S1713126845.974958,VS0,VE1
etag: "11866df30cf7d0b1b4fd22c64bd29efd"
access-control-allow-methods: GET, HEAD, POST
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 32, 1

GET
H2 200 Facebook_Logo_2023.png
upload.wikimedia.org/wikipedia/commons/6/6c/ 53 KB
54 KB 168ms
83ms Other
image/png 2a02:ec80:300:ed1a::2:b
WIKIMEDIA

General

Check archive.org

Show headers Download Go to

Full URL

https://upload.wikimedia.org/wikipedia/commons/6/6c/Facebook_Logo_2023.png

Protocol

H2

Security

TLS 1.3, , AES_256_GCM

Server

2a02:ec80:300:ed1a::2:b , United States, ASN14907 (WIKIMEDIA, US),

Reverse DNS

Software

ATS/9.1.4 /

Resource Hash

2adfd474d91fd20c51084309ed000c1ae6cc7f5f70af14d375930f5a71301308

Security Headers

Name	Value
Strict-Transport-Security	max-age=106384710; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit---review.glitch.me/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 14 Apr 2024 14:59:40 GMT
strict-transport-security: max-age=106384710; includeSubDomains; preload
x-content-type-options: nosniff
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
age: 20064
x-cache-status: hit-front
x-cache: cp3075 miss, cp3075 hit/33
server-timing: cache;desc="hit-front", host;desc="cp3075"
content-length: 54771
x-client-ip: 2a01:4a0:1338:92::8
x-object-meta-sha1base36: khqfbdm55vq0s0y0eqr5onb4hjn6qc9
last-modified: Wed, 11 Oct 2023 12:15:27 GMT
server: ATS/9.1.4
etag: e4da23704f27c9df07e6c21a13e28bfd
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
accept-ranges: bytes
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.glitch.global
submit---review.glitch.me
upload.wikimedia.org
151.101.194.132
2a02:ec80:300:ed1a::2:b
34.202.147.151
2adfd474d91fd20c51084309ed000c1ae6cc7f5f70af14d375930f5a71301308
2ea26483bd7f9d0dd3624b29e6b36b499cd8414ae9e5cd2c3165523866129701
83cdef6fb443c85a249211df67b2ac4c7a1f90ccdd81b5c38117798f58132063
9b4f73bc4709382cc151f4e0365b64679066f4ea4b5a86414f3fddd3f728cdb9
fc59f3622770b4b99411b55860b6631dd3b75cb3c7ce090a014b4486ef1c13de

submit---review.glitch.me Open in urlscan Pro 34.202.147.151 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

5 Requests

100 %HTTPS

33 %IPv6

3 Domains

3 Subdomains

3 IPs

1 Countries

99 kBTransfer

97 kBSize

0 Cookies

1 Outgoing links

Redirected requests

5 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

0 JavaScript Global Variables

0 Cookies

Indicators

submit---review.glitch.me Open in urlscan Pro
34.202.147.151 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

5
Requests

100 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

3
IPs

1
Countries

99 kB
Transfer

97 kB
Size

0
Cookies

5 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!