Report - verifying.vercel.app/

Report Overview

Submitted URL
verifying.vercel.app/
IP
76.76.21.164
ASN
#16509 AMAZON-02
Submitted
2024-05-10 01:00:33
Access
public
Website Title
Recover Your Microsoft Account
Final URL
verifying.vercel.app/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
2
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-05-09	1.0 kB	171 kB	104.17.24.14
verifying.vercel.app	unknown	2020-01-28	2023-09-27	2024-02-22	3.2 kB	809 kB	76.76.21.164
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-10	919 B	8.1 kB	142.250.74.42
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-10	1.6 kB	50 kB	216.58.207.227
shop-cheap-backend.onrender.com	unknown	2015-03-28	2023-07-10	2024-02-22	486 B	341 B	216.24.57.252

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2024-05-10 01:00:08	low	Client IP	216.24.57.252	ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)
2024-05-10 01:00:08	low	Client IP	216.24.57.252	ET INFO Observed Online Application Hosting Domain (onrender .com in TLS SNI)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	verifying.vercel.app/	Office365
2024-05-09	medium	verifying.vercel.app/	Office365
2024-05-09	medium	verifying.vercel.app/	Office365
2024-05-09	medium	verifying.vercel.app/	Office365
2024-05-09	medium	verifying.vercel.app/	Office365
2024-05-09	medium	verifying.vercel.app/	Office365
2024-05-09	medium	verifying.vercel.app/	Office365

PhishTank

Scan Date	Severity	Indicator	Alert
2023-09-29	medium	verifying.vercel.app/	Microsoft
2023-09-29	medium	verifying.vercel.app/static/js/main.c19b2449.js	Microsoft
2023-09-29	medium	verifying.vercel.app/static/media/masthead-alt-06-wide-large.d535d8d3e3324a85213a.jpg	Microsoft
2023-09-29	medium	verifying.vercel.app/logo192.png	Microsoft
2023-09-29	medium	verifying.vercel.app/static/media/office365-logo.59d7b3f5f60ab43bb3cca838cbbcf793.svg	Microsoft
2023-09-29	medium	verifying.vercel.app/static/css/main.3fc56f48.css	Microsoft
2023-09-29	medium	verifying.vercel.app/favicon.ico	Microsoft

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	verifying.vercel.app	Sinkholed
2024-05-09	medium	verifying.vercel.app	Sinkholed
2024-05-09	medium	verifying.vercel.app	Sinkholed
2024-05-09	medium	verifying.vercel.app	Sinkholed
2024-05-09	medium	verifying.vercel.app	Sinkholed
2024-05-09	medium	verifying.vercel.app	Sinkholed
2024-05-09	medium	verifying.vercel.app	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	verifying.vercel.app/static/js/main.c19b2449.js	238 kB	2023-09-29	2024-05-10
Pretty URL verifying.vercel.app/static/js/main.c19b2449.js IP 76.76.21.164 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-29 14:13:35 Last Seen2024-05-10 03:00:34 Times Seen21 Hash 9f0a0a4a5edc4aaf3cfcbeb72b9a5f84 ecaa73e7c14b9e10183d98400571a7e05301d206 bd54a8160f9add655dd5a9d77e1894e42d37e0443a02d2929024df9ccb491141 Loading...

HTTP Transactions (15)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css

104.17.24.14

200 OK

19 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://verifying.vercel.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65317)
Size
19 kB (18716 bytes)
Hash
8bb6644125ddeee7a27732e86f65fa05
686e3160cff3fb1be2de10779754b40f15948208
6752b9ba151a25703b2e5d17ad9ff42615f8940b591694fa8e42ab1034f476b5

HTTP Headers

GET /ajax/libs/font-awesome/6.2.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://verifying.vercel.app
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Fri, 10 May 2024 01:00:07 GMT
content-type: text/css; charset=utf-8
content-length: 18716
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "6373d4a6-491c"
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1714
expires: Wed, 30 Apr 2025 01:00:07 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ofidg%2BcQ8AOY2glyoF4efM9L1cz1sOIyjiojKn784LnEHhbleFh3CArFqasTWaQZDZJuDufUABqLrJoGR0IsmBl2ut4O4GBdXIes3BOcaj4PLFE1t4p6V6PmJqDBt71fBMOkuyWj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8815fd954dfeb51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

verifying.vercel.app/

76.76.21.164

200 OK

844 B

URL User Request GET HTTP/2
verifying.vercel.app/
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
HTML document, ASCII text, with very long lines (1022), with no line terminators
Size
844 B (844 bytes)
Hash
2b45fc62ad29911ab9b082bc291c7469
01ce02ac5c3d8378034ec6c4656dc42e8cd9296e
ec1e785f769a13bc0cd40be59bb94c8ea02ffa7976fb5fd42565bb7dcb825ff3

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 599144
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 10 May 2024 01:00:07 GMT
etag: W/"2b45fc62ad29911ab9b082bc291c7469"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::tgq6w-1715302807513-bad0dd190fe9
X-Firefox-Spdy: h2

verifying.vercel.app/static/js/main.c19b2449.js

76.76.21.164

200 OK

81 kB

URL GET HTTP/2
verifying.vercel.app/static/js/main.c19b2449.js
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://verifying.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JavaScript source, ASCII text, with very long lines (65465)
Size
81 kB (81156 bytes)
Hash
9f0a0a4a5edc4aaf3cfcbeb72b9a5f84
ecaa73e7c14b9e10183d98400571a7e05301d206
bd54a8160f9add655dd5a9d77e1894e42d37e0443a02d2929024df9ccb491141

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/js/main.c19b2449.js HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 26992
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.c19b2449.js"
content-encoding: br
content-type: application/javascript; charset=utf-8
date: Fri, 10 May 2024 01:00:07 GMT
etag: W/"9f0a0a4a5edc4aaf3cfcbeb72b9a5f84"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::tgq6w-1715302807855-682c1c8ca955
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700

142.250.74.42

200 OK

6.3 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://verifying.vercel.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
gzip compressed data, max compression
Size
6.3 kB (6280 bytes)
Hash
5fecf9c386f7a2fc2daceb73bd9465cd
8dbcafac147cf515d219145a9bede34567d959fe
a7f9a1d7d31079dd5a6a64ef1ac066c1198884511866eaa7bdc3802ff815ec44

HTTP Headers

GET /css?family=Roboto:300,400,500,700,900|Roboto+Slab:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 01:00:08 GMT
date: Fri, 10 May 2024 01:00:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

150 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://verifying.vercel.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150516, version 770.768
Size
150 kB (150516 bytes)
Hash
328a9d0f59f0ebb55cddac6f39995bea
c0e6e76b4a02c34656ff2a41b671e02f2821829b
8f06540fd77f1effe1e2da8ea10cec4a382dda9cc6ef05d816e1d6de444072f2

HTTP Headers

GET /ajax/libs/font-awesome/6.2.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://verifying.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Fri, 10 May 2024 01:00:08 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 150516
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "6373d4a6-24bf4"
last-modified: Tue, 15 Nov 2022 18:04:22 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 174807
expires: Wed, 30 Apr 2025 01:00:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TFdCZZqwsDzI1oeqr%2F%2BMeR2jWjwg8dKSlTEIPC8hUs1wxceNohieRXNeQnyaWoDHCqIFSDE80967wwv7AGds%2F1z5nFDelSM2DhbN%2BG9Y3O%2B1BI2VP4KWbZ70wStzYG%2FJSA0QzxCO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 8815fd97ef97b51e-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

verifying.vercel.app/static/media/masthead-alt-06-wide-large.d535d8d3e3324a85213a.jpg

76.76.21.164

200 OK

163 kB

URL GET HTTP/2
verifying.vercel.app/static/media/masthead-alt-06-wide-large.d535d8d3e3324a85213a.jpg
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://verifying.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=Rob Kalmbach], baseline, precision 8, 3000x1929, components 3
Size
163 kB (162930 bytes)
Hash
0680ba4dfe79c92490fe31fee7a2901e
b412ef3925223d2f548b2ed43197be1726dec229
0ae515749fc0277624d6a274f0db0670ba98849a473a1eef30794165544333c2

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/media/masthead-alt-06-wide-large.d535d8d3e3324a85213a.jpg HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 26992
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="masthead-alt-06-wide-large.d535d8d3e3324a85213a.jpg"
content-type: image/jpeg
date: Fri, 10 May 2024 01:00:08 GMT
etag: "0680ba4dfe79c92490fe31fee7a2901e"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::8lvqq-1715302808299-5246619769c1
content-length: 162930
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://verifying.vercel.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://verifying.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 04 May 2024 09:28:37 GMT
expires: Sun, 04 May 2025 09:28:37 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
age: 487891
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://verifying.vercel.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://verifying.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 01:55:00 GMT
expires: Fri, 09 May 2025 01:55:00 GMT
cache-control: public, max-age=31536000
age: 83108
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://verifying.vercel.app/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15740, version 1.0
Size
16 kB (15740 bytes)
Hash
b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://verifying.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 09 May 2024 02:32:46 GMT
expires: Fri, 09 May 2025 02:32:46 GMT
cache-control: public, max-age=31536000
age: 80842
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifying.vercel.app/logo192.png

76.76.21.164

200 OK

16 kB

URL GET HTTP/2
verifying.vercel.app/logo192.png
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://verifying.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced
Size
16 kB (15480 bytes)
Hash
e70f8fa2a24c76bf0b49929fe8c4126f
e30e6ea47fa150d15cfd818a27fb585de35c9e8e
98a3d34c89a52259c436313d5724e8e113f813e71ab042e7ca1598809ba20f61

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /logo192.png HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
age: 297934
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="logo192.png"
content-type: image/png
date: Fri, 10 May 2024 01:00:08 GMT
etag: "e70f8fa2a24c76bf0b49929fe8c4126f"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::twlc5-1715302808751-64a40fe78ccc
content-length: 15480
X-Firefox-Spdy: h2

shop-cheap-backend.onrender.com/api/passive

216.24.57.252

404 Not Found

10 B

URL GET HTTP/2
shop-cheap-backend.onrender.com/api/passive
IP
216.24.57.252:443
ASN
#397273 RENDER

Requested by
https://verifying.vercel.app/
Certificate
IssuerCloudflare, Inc.
Subjectonrender.com
FingerprintB7:65:A0:75:AB:ED:1F:46:38:65:09:F8:7D:73:8E:39:DD:A0:ED:50
ValiditySun, 17 Sep 2023 00:00:00 GMT - Mon, 16 Sep 2024 23:59:59 GMT

File type
ASCII text
Size
10 B (10 bytes)
Hash
ef81e41d11c9e7193ddd3d470dbb3eda
0c15d12755a0be84e6403445c427231c274919c6
7515bf959b73b956ceb967351c7e299cbb3668a53d35f9c770eb72e00d93ced6

HTTP Headers

GET /api/passive HTTP/1.1
Host: shop-cheap-backend.onrender.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://verifying.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
date: Fri, 10 May 2024 01:00:09 GMT
content-type: text/plain; charset=utf-8
content-length: 10
cf-ray: 8815fd9969e61c06-OSL
cf-cache-status: DYNAMIC
x-content-type-options: nosniff
x-render-routing: no-server
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

verifying.vercel.app/static/media/office365-logo.59d7b3f5f60ab43bb3cca838cbbcf793.svg

76.76.21.164

200 OK

9.2 kB

URL GET HTTP/2
verifying.vercel.app/static/media/office365-logo.59d7b3f5f60ab43bb3cca838cbbcf793.svg
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://verifying.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
SVG Scalable Vector Graphics image
Size
9.2 kB (9233 bytes)
Hash
9c0ad915cd32d2532bd0d60f107288ca
8ff7c08f4d4c25efdeafcfdf7b20c55466f8a670
81183aed96a60d2c49fef471513168bf3011329c2aaf323325e9c7759cc7e4a4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/media/office365-logo.59d7b3f5f60ab43bb3cca838cbbcf793.svg HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
age: 26992
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="office365-logo.59d7b3f5f60ab43bb3cca838cbbcf793.svg"
content-encoding: br
content-type: image/svg+xml
date: Fri, 10 May 2024 01:00:08 GMT
etag: W/"9c0ad915cd32d2532bd0d60f107288ca"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::8lvqq-1715302808293-4ae124b2222e
X-Firefox-Spdy: h2

fonts.googleapis.com/icon?family=Material+Icons+Round

142.250.74.42

200 OK

596 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons+Round
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://verifying.vercel.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text, with very long lines (619), with no line terminators
Size
596 B (596 bytes)
Hash
14936975c458213ae66159063ae52bbf
4a01461ca2f51c77a47df695d7778a145b74708e
0358795fa33c384bc907e6c8ebab6e924df77e783e275a22abbb0ffca1bb21b9

HTTP Headers

GET /icon?family=Material+Icons+Round HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 10 May 2024 01:00:08 GMT
date: Fri, 10 May 2024 01:00:08 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

verifying.vercel.app/static/css/main.3fc56f48.css

76.76.21.164

200 OK

521 kB

URL GET HTTP/2
verifying.vercel.app/static/css/main.3fc56f48.css
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://verifying.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
521 kB (520652 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /static/css/main.3fc56f48.css HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 26992
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.3fc56f48.css"
content-encoding: br
content-type: text/css; charset=utf-8
date: Fri, 10 May 2024 01:00:07 GMT
etag: W/"aff584e4190d62a24f8ad47693a67bf1"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::mvbtr-1715302807862-cf75e823dd45
X-Firefox-Spdy: h2

verifying.vercel.app/favicon.ico

76.76.21.164

200 OK

15 kB

URL GET HTTP/2
verifying.vercel.app/favicon.ico
IP
76.76.21.164:443
ASN
#16509 AMAZON-02

Requested by
https://verifying.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
15 kB (15406 bytes)
Hash
7fc9f8e45c802374d617b62fab644a5e
d7044cb20c36c64a4b3cd6dcf1c7dfb9856bc4f1
6f5726b5226f0c8c147e8d5bb44a8dba7e5bdb3830815118bc5c24edc730711a

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Office365
PhishTank	phishing	Microsoft
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: verifying.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://verifying.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 297933
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="favicon.ico"
content-encoding: br
content-type: image/vnd.microsoft.icon
date: Fri, 10 May 2024 01:00:08 GMT
etag: W/"7fc9f8e45c802374d617b62fab644a5e"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::j2sts-1715302808732-5d10ef589328
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers