Report - service-registration.com/

Report Overview

Submitted URL
service-registration.com/
IP
35.227.238.222
ASN
#396982 GOOGLE-CLOUD-PLATFORM
Submitted
2024-04-24 23:38:14
Access
public
Website Title
Login | Salesforce
Final URL
service-registration.com/
Tags
salesforce phishing
urlquery detections
Phishing - Salesforce

Detections

urlquery
19
Network Intrusion Detection
0
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
service-registration.com	unknown	2022-12-14	2020-06-04	2024-01-19	2.8 kB	82 kB	35.227.238.222
cfl.dropboxstatic.com	13598	2012-09-10	2017-01-30	2024-04-23	551 B	59 kB	104.16.100.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (1)

	URL	Size	First Seen	Last Seen
	service-registration.com/dist/index.js	19 kB	2023-08-19	2024-04-25
Pretty URL service-registration.com/dist/index.js IP 35.227.238.222 ASN #396982 GOOGLE-CLOUD-PLATFORM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-19 12:39:02 Last Seen2024-04-25 01:38:14 Times Seen16 Hash 6fc3554d1d0e167f49ef221de65205ee 0c429e993f79ef67aadc9fd3532ad92e6b7dd2c0 e075e83748489c7dafbf0e645121fd765c592009d9506a581fc9e0b039d3cc05 Loading...

HTTP Transactions (7)

URL IP Response Size

service-registration.com/

35.227.238.222

200 OK

1.1 kB

URL User Request GET HTTP/2
service-registration.com/
IP
35.227.238.222:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Certificate
IssuerGoogle Trust Services LLC
Subject2b946c96a44b600e2f29a574f37b7fcf1c0a8.proxy.unbiasedsecurity.xyz
Fingerprint7D:6B:9D:DD:E2:BD:EC:81:4B:9D:A2:E8:85:99:56:72:C7:AE:A3:39
ValidityWed, 10 Apr 2024 06:01:43 GMT - Tue, 09 Jul 2024 06:54:13 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
1.1 kB (1053 bytes)
Hash
b8fb87843bcb8a829bd1e757b1b95669
3803ae513819e23063a0cc461cbb1f954d0a071f
413955c712aec7d0662674639bcc3dc3b79ef8cafcbd9d397536f87a704343bc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET / HTTP/1.1
Host: service-registration.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-guploader-uploadid: ABPtcPqOxbTmwlXtwnc7RlbXwm1_QJA2NZmdHQ03Ggcs0HXfty5T1FGLCXNbS-22O65zohe49RLNanEArg
date: Wed, 24 Apr 2024 23:37:49 GMT
cache-control: private, max-age=0
expires: Wed, 24 Apr 2024 23:37:49 GMT
last-modified: Wed, 16 Aug 2023 08:46:05 GMT
etag: "b8fb87843bcb8a829bd1e757b1b95669"
x-goog-generation: 1692175564989359
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1053
content-type: text/html
x-goog-hash: crc32c=AUQklw==, md5=uPuHhDvLioKb0edXsblWaQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 1053
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

service-registration.com/assets/img/info.svg

35.227.238.222

200 OK

502 B

URL GET HTTP/3
service-registration.com/assets/img/info.svg
IP
35.227.238.222:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://service-registration.com/
Certificate
IssuerGoogle Trust Services LLC
Subject2b946c96a44b600e2f29a574f37b7fcf1c0a8.proxy.unbiasedsecurity.xyz
Fingerprint7D:6B:9D:DD:E2:BD:EC:81:4B:9D:A2:E8:85:99:56:72:C7:AE:A3:39
ValidityWed, 10 Apr 2024 06:01:43 GMT - Tue, 09 Jul 2024 06:54:13 GMT

File type
SVG Scalable Vector Graphics image
Size
502 B (502 bytes)
Hash
9edd14a6d44f7c1a97ca9f250eac7f23
b2fec7a22be4942dee520ea434c7dfba80049b1d
70de564b39aa2e5c57deb9dec0927ba50fd5226e71254eb92af187c046b6d12a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /assets/img/info.svg HTTP/1.1
Host: service-registration.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://service-registration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-guploader-uploadid: ABPtcPq3ZUTiHNxLCGDidkHFtyQfrT9lFiPpRy1NtUJPCUztnHooGAqQEEYfnrgooXs9PRDCKeY
date: Wed, 24 Apr 2024 23:37:49 GMT
cache-control: private, max-age=0
expires: Wed, 24 Apr 2024 23:37:49 GMT
last-modified: Wed, 16 Aug 2023 08:46:03 GMT
etag: "9edd14a6d44f7c1a97ca9f250eac7f23"
x-goog-generation: 1692175563138824
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 502
content-type: image/svg+xml
x-goog-hash: crc32c=4Zy0nA==, md5=nt0UptRPfBqXyp8lDqx/Iw==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 502
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

service-registration.com/dist/style.css

35.227.238.222

200 OK

22 kB

URL GET HTTP/3
service-registration.com/dist/style.css
IP
35.227.238.222:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://service-registration.com/
Certificate
IssuerGoogle Trust Services LLC
Subject2b946c96a44b600e2f29a574f37b7fcf1c0a8.proxy.unbiasedsecurity.xyz
Fingerprint7D:6B:9D:DD:E2:BD:EC:81:4B:9D:A2:E8:85:99:56:72:C7:AE:A3:39
ValidityWed, 10 Apr 2024 06:01:43 GMT - Tue, 09 Jul 2024 06:54:13 GMT

File type
ASCII text, with very long lines (480)
Size
22 kB (21934 bytes)
Hash
4a7c99c50adb7ac8c5aade52c444d165
017af28ec6fc6ade95bc43e9bac9a492eb0147c9
56479763e43d2755e70cff5cc838d1e75c258f13c5a95a6b6bf313d9b6b92201

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /dist/style.css HTTP/1.1
Host: service-registration.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://service-registration.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-guploader-uploadid: ABPtcPo-7RcVy1c9HyXEdv-RFy3qmlty9E4wJMkBAI9ebZW72sLAgjvJSx_JR86Yut-qwbyIi0Y
date: Wed, 24 Apr 2024 23:37:49 GMT
cache-control: private, max-age=0
expires: Wed, 24 Apr 2024 23:37:49 GMT
last-modified: Wed, 16 Aug 2023 08:46:04 GMT
etag: "4a7c99c50adb7ac8c5aade52c444d165"
x-goog-generation: 1692175564810455
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 21934
content-type: text/css
x-goog-hash: crc32c=gSGmQQ==, md5=SnyZxQrbesjFqt5SxETRZQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 21934
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

service-registration.com/dist/index.js

35.227.238.222

200 OK

19 kB

URL GET HTTP/3
service-registration.com/dist/index.js
IP
35.227.238.222:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://service-registration.com/
Certificate
IssuerGoogle Trust Services LLC
Subject2b946c96a44b600e2f29a574f37b7fcf1c0a8.proxy.unbiasedsecurity.xyz
Fingerprint7D:6B:9D:DD:E2:BD:EC:81:4B:9D:A2:E8:85:99:56:72:C7:AE:A3:39
ValidityWed, 10 Apr 2024 06:01:43 GMT - Tue, 09 Jul 2024 06:54:13 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (8991)
Size
19 kB (19032 bytes)
Hash
6fc3554d1d0e167f49ef221de65205ee
0c429e993f79ef67aadc9fd3532ad92e6b7dd2c0
e075e83748489c7dafbf0e645121fd765c592009d9506a581fc9e0b039d3cc05

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /dist/index.js HTTP/1.1
Host: service-registration.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://service-registration.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-guploader-uploadid: ABPtcPqupEJgAO3rSwkDCLQxOc27JBXcN0hvCZA2KBovFHZfl415QKa7LCWP1hhTwJLwZ_onLG8
date: Wed, 24 Apr 2024 23:37:49 GMT
cache-control: private, max-age=0
expires: Wed, 24 Apr 2024 23:37:49 GMT
last-modified: Wed, 16 Aug 2023 08:46:04 GMT
etag: "6fc3554d1d0e167f49ef221de65205ee"
x-goog-generation: 1692175564422868
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 19032
content-type: text/javascript
x-goog-hash: crc32c=HdEqCQ==, md5=b8NVTR0OFn9J7yId5lIF7g==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 19032
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

service-registration.com/assets/img/bg-image.png

35.227.238.222

200 OK

30 kB

URL GET HTTP/3
service-registration.com/assets/img/bg-image.png
IP
35.227.238.222:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://service-registration.com/
Certificate
IssuerGoogle Trust Services LLC
Subject2b946c96a44b600e2f29a574f37b7fcf1c0a8.proxy.unbiasedsecurity.xyz
Fingerprint7D:6B:9D:DD:E2:BD:EC:81:4B:9D:A2:E8:85:99:56:72:C7:AE:A3:39
ValidityWed, 10 Apr 2024 06:01:43 GMT - Tue, 09 Jul 2024 06:54:13 GMT

File type
PNG image data, 488 x 579, 8-bit/color RGBA, non-interlaced
Size
30 kB (30305 bytes)
Hash
36c2bac53b342feeb753dce2b123008d
53a3cef3112d48e744ab0c5052350a7f9037bf14
66db279642973b97844cc80db73d5421ba9add474c53fa281bdf2b188ab9c3b0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /assets/img/bg-image.png HTTP/1.1
Host: service-registration.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://service-registration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-guploader-uploadid: ABPtcPrWB0DEhnWLtxWaMubjCGGaP4Pe9yh30OKmcDsIm7fUo0ygfONZQQmG60dlVUvOhCmi20E
date: Wed, 24 Apr 2024 23:37:49 GMT
cache-control: private, max-age=0
expires: Wed, 24 Apr 2024 23:37:49 GMT
last-modified: Wed, 16 Aug 2023 08:46:02 GMT
etag: "36c2bac53b342feeb753dce2b123008d"
x-goog-generation: 1692175562293978
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 30305
content-type: image/png
x-goog-hash: crc32c=j6ba9w==, md5=NsK6xTs0L+63U9zisSMAjQ==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 30305
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

service-registration.com/assets/img/favicon.ico

35.227.238.222

200 OK

5.4 kB

URL GET HTTP/3
service-registration.com/assets/img/favicon.ico
IP
35.227.238.222:443
ASN
#396982 GOOGLE-CLOUD-PLATFORM

Requested by
https://service-registration.com/
Certificate
IssuerGoogle Trust Services LLC
Subject2b946c96a44b600e2f29a574f37b7fcf1c0a8.proxy.unbiasedsecurity.xyz
Fingerprint7D:6B:9D:DD:E2:BD:EC:81:4B:9D:A2:E8:85:99:56:72:C7:AE:A3:39
ValidityWed, 10 Apr 2024 06:01:43 GMT - Tue, 09 Jul 2024 06:54:13 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
5.4 kB (5430 bytes)
Hash
ccda8df05e9a37b3131afd4d451b44ec
ed9d0f9c4224fbd4c768be237b4b59f27f1b718c
92842fc6c2f66b46f69458c14621fc2eca5d6c02d7937f9124fe8a3a9a55bc91

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Salesforce

HTTP Headers

GET /assets/img/favicon.ico HTTP/1.1
Host: service-registration.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://service-registration.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
x-guploader-uploadid: ABPtcPqPaNjInuRnhP7rCaEPoce4FVsH-YC0SZLFi68SFvXEdwqnH9lwr-4g6XQSLA0HTv3bECY
date: Wed, 24 Apr 2024 23:37:49 GMT
cache-control: private, max-age=0
expires: Wed, 24 Apr 2024 23:37:49 GMT
last-modified: Wed, 16 Aug 2023 08:46:02 GMT
etag: "ccda8df05e9a37b3131afd4d451b44ec"
x-goog-generation: 1692175561985490
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 5430
content-type: image/vnd.microsoft.icon
x-goog-hash: crc32c=R/86hA==, md5=zNqN8F6aN7MTGv1NRRtE7A==
x-goog-storage-class: STANDARD
accept-ranges: bytes
content-length: 5430
server: UploadServer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

cfl.dropboxstatic.com/static/fonts/atlasgrotesk/AtlasGrotesk-Regular-Web.woff

104.16.100.29

200 OK

58 kB

URL GET HTTP/2
cfl.dropboxstatic.com/static/fonts/atlasgrotesk/AtlasGrotesk-Regular-Web.woff
IP
104.16.100.29:443
ASN
#13335 CLOUDFLARENET

Requested by
https://service-registration.com/
Certificate
IssuerDigiCert Inc
Subjectcfl.dropboxstatic.com
Fingerprint2D:5E:C5:0B:B7:68:C3:64:8E:19:20:D2:47:61:09:3E:51:B6:64:5B
ValidityTue, 06 Feb 2024 00:00:00 GMT - Mon, 03 Mar 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 58239, version 0.0
Size
58 kB (58239 bytes)
Hash
83bb5ae3e28afb23b4ed2ef74c272312
c79ec10c6ab82271c588b59a0dd26dc57de54843
b1f18fd551241d3efd5b9d114317f1d52c0c19677d3ece876ce75249a1e067a6

HTTP Headers

GET /static/fonts/atlasgrotesk/AtlasGrotesk-Regular-Web.woff HTTP/1.1
Host: cfl.dropboxstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://service-registration.com
DNT: 1
Connection: keep-alive
Referer: https://service-registration.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 23:37:50 GMT
content-type: font/woff
content-length: 58239
last-modified: Thu, 21 Jul 2022 07:31:18 GMT
x-dropbox-request-id: 614e77808ec6d2b6fad521e45298cb5a
x-content-type-options: nosniff
x-cached: HIT
expires: Thu, 25 Apr 2024 23:37:49 GMT
cache-control: max-age=86400
access-control-allow-origin: *
timing-allow-origin: https://www.dropbox.com
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 8799ec63ee8c56a2-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (1)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size