fix-to-account-review-help.surge.sh
138.197.235.123  Malicious Activity! Public Scan

Submitted URL: http://fix-to-account-review-help.surge.sh/
Effective URL: https://fix-to-account-review-help.surge.sh/
Submission: On July 15 via api from BY — Scanned from CA

Summary

This website contacted 5 IPs in 1 country across 4 domains to perform 7 HTTP transactions. The main IP is 138.197.235.123, located in Santa Clara, United States, and belongs to DIGITALOCEAN-ASN, US. The main domain is fix-to-account-review-help.surge.sh.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 19th 2024. Valid for: a year.
This is the only time fix-to-account-review-help.surge.sh was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address       AS      Autonomous System
1         138.197.235.123  14061   (DIGITALOC...)
1         151.101.130.132  54113   (FASTLY)
1         23.212.248.87    20940   (AKAMAI-ASN1)
1         34.117.33.233    396982  (GOOGLE-CL...)
Total: 7 requests, 5 IPs
Requests  Apex Domain    Subdomains                                        Transfer
1         replit.app     account-find-issue-7136.replit.app
1         pinimg.com     i.pinimg.com (Cisco Umbrella Rank: 2625)          38 KB
1         glitch.global  cdn.glitch.global (Cisco Umbrella Rank: 432012)   22 KB
1         surge.sh       fix-to-account-review-help.surge.sh               2 KB
Total: 7 requests, 4 domains
Requests  Domain                               Requested by
1         account-find-issue-7136.replit.app   fix-to-account-review-help.surge.sh
1         i.pinimg.com                         fix-to-account-review-help.surge.sh
1         cdn.glitch.global                    fix-to-account-review-help.surge.sh
1         fix-to-account-review-help.surge.sh
Total: 7 requests, 4 domains

This site contains no links.

Subject            Issuer                                          Validity                 Valid
*.surge.sh         Sectigo RSA Domain Validation Secure Server CA  2024-04-19 - 2025-05-18  a year    crt.sh
cdn.glitch.global  R3                                              2024-05-30 - 2024-08-28  3 months  crt.sh
i2.pinimg.com      DigiCert Global G2 TLS RSA SHA256 2020 CA1      2024-04-23 - 2025-05-15  a year    crt.sh
replit.app         WR3                                             2024-06-16 - 2024-09-14  3 months  crt.sh

This page contains 1 frames:

Primary Page: https://fix-to-account-review-help.surge.sh/
Frame ID: 100F02D63F13F3C89453B905484C643E
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

Action | Required

Page Statistics

Requests: 7
HTTPS: 57 %
IPv6: 0 %
Domains: 4
Subdomains: 4
IPs: 5
Countries: 1
Transfer: 62 kB
Size: 4163 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://fix-to-account-review-help.surge.sh/ HTTP 307
    https://fix-to-account-review-help.surge.sh/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Columns: Resource, Path, Size, x-fer, Type, MIME-Type
Resource: Primary Request /
Path: fix-to-account-review-help.surge.sh/
Redirect Chain:
  • http://fix-to-account-review-help.surge.sh/
  • https://fix-to-account-review-help.surge.sh/
Size: 6 KB
x-fer: 2 KB
Type: Document
General
Full URL
https://fix-to-account-review-help.surge.sh/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.197.235.123 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Surge /
Resource Hash
eba81f7ff1713087a6122b09d436478eaaad9f8b1a47e914d6b4bbb5072ad1b7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Accept-Ranges
bytes
Age
527344
Cache-Control
public, max-age=0, must-revalidate
Connection
close
Content-Encoding
gzip
Content-Type
text/html; charset=UTF-8
Date
Mon, 15 Jul 2024 11:15:28 GMT
ETag
"eba81f7ff1713087a6122b09d436478eaaad9f8b1a47e914d6b4bbb5072ad1b7"
Response-Time
3ms
Server
Surge
Surge-Cache
HIT
Surge-Stamp
30975::1720514737049-a6a091e8cf3a7b0ae2c8cce4ee5d1bbc
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

Location
https://fix-to-account-review-help.surge.sh/
Non-Authoritative-Reason
HttpsUpgrades
Resource: search-icon-lob.png
Path: cdn.glitch.global/d08141de-e7af-45a5-916b-2f09d06ac286/
Size: 21 KB
x-fer: 22 KB
Type: Image
General
Full URL
https://cdn.glitch.global/d08141de-e7af-45a5-916b-2f09d06ac286/search-icon-lob.png?v=1712422050841
Requested by
Host: fix-to-account-review-help.surge.sh
URL: https://fix-to-account-review-help.surge.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
909bdeacc73ce22357e1b48077738bc5450cab6d1a877361b79781c56d3e713c
Security Headers
Name Value
Content-Security-Policy script-src 'none'

Request headers

Referer
https://fix-to-account-review-help.surge.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
script-src 'none'
via
1.1 varnish, 1.1 varnish
date
Mon, 15 Jul 2024 11:15:29 GMT
x-amz-request-id
NA0X2SGSB0ZRG3BA
age
1450783
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
21648
x-amz-id-2
haiAxUrJJW43lOgGmezdDYsuK4puiKVV1lP6AICtLzBXk9OcXtoG+bwwbZ7W7IN2Ok9HSoHwufA=
x-served-by
cache-iad-kiad7000127-IAD, cache-yyz4543-YYZ
last-modified
Sat, 06 Apr 2024 16:47:31 GMT
server
AmazonS3
x-timer
S1721042129.352357,VS0,VE1
etag
"8bd1c4ab0135fbd8041fa4d088e39e9f"
access-control-allow-methods
GET, HEAD, POST
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-cache-hits
908, 0
Resource: Meta-Logo.png
Path: cdn.glitch.global/d08141de-e7af-45a5-916b-2f09d06ac286/
Size: 0
x-fer: 0

Resource: 979569a2dedd37573974ceebc05b4a4e.png
Path: i.pinimg.com/originals/97/95/69/
Size: 38 KB
x-fer: 38 KB
Type: Image
General
Full URL
https://i.pinimg.com/originals/97/95/69/979569a2dedd37573974ceebc05b4a4e.png
Requested by
Host: fix-to-account-review-help.surge.sh
URL: https://fix-to-account-review-help.surge.sh/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.248.87 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-212-248-87.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0141abddefa3eb01f495b0a24b07b3ce612a343ad28570f9c6d36509677363db

Request headers

Referer
https://fix-to-account-review-help.surge.sh/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

x-cdn
akamai
akamai-grn
0.5768dc17.1721042129.5b440125
etag
"60ebd61593507e23f969e083ad2894fa"
x-amz-server-side-encryption
AES256
vary
Origin
content-type
image/png
cache-control
immutable, max-age=31536000
accept-ranges
bytes
alt-svc
h3=":443"; ma=600
x-pinterest-cache-status-v2
Hit
content-length
38965
Resource: video.mp4
Path: account-find-issue-7136.replit.app/
Size: 4 MB
x-fer: 0
Type: Media
General
Full URL
https://account-find-issue-7136.replit.app/video.mp4
Requested by
Host: fix-to-account-review-help.surge.sh
URL: https://fix-to-account-review-help.surge.sh/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.233 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
233.33.117.34.bc.googleusercontent.com
Software
Google Frontend /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains

Request headers

Referer
https://fix-to-account-review-help.surge.sh/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 15 Jul 2024 11:15:30 GMT
strict-transport-security
max-age=63072000; includeSubDomains
via
1.1 google
server
Google Frontend
content-type
video/mp4
x-cloud-trace-context
646070d4d964750d830496d3de0aba88;o=1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17044007
Resource: truncated
Path: /
Size: 547 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated
Path: /
Size: 552 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated
Path: /
Size: 380 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated
Path: /
Size: 177 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated
Path: /
Size: 351 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: truncated
Path: /
Size: 242 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: Facebook_Logo_2023.png
Path: cdn.glitch.global/d08141de-e7af-45a5-916b-2f09d06ac286/
Size: 0
x-fer: 0

Resource: truncated
Path: /
Size: 195 B
x-fer: 0
Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0c7260fac65e4f7ac5cf524f8ca96efd419cbb5a9b18a3e06e44c448581e9093

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
Resource: video.mp4
Path: account-find-issue-7136.replit.app/
Size: 0
x-fer: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.glitch.global
URL
https://cdn.glitch.global/d08141de-e7af-45a5-916b-2f09d06ac286/Meta-Logo.png?v=1712422024289
Domain
cdn.glitch.global
URL
https://cdn.glitch.global/d08141de-e7af-45a5-916b-2f09d06ac286/Facebook_Logo_2023.png?v=1712421903497
Domain
account-find-issue-7136.replit.app
URL
https://account-find-issue-7136.replit.app/video.mp4

Verdicts &amp; Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies