Report - help-id-16.29932923.com/

Report Overview

Submitted URL
help-id-16.29932923.com/
IP
103.221.220.71
ASN
#63760 AZDIGI Corporation
Submitted
2023-06-05 01:12:04
Access
public
Website Title
Final URL
Tags
suspicious
urlquery detections
Suspicious - Suspicious Javascript code

Detections

urlquery
3
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ocsp.sectigo.com	487	2018-08-16	2019-11-29	2023-06-05	660 B	1.9 kB	104.18.14.101
api.ipify.org	3267	2014-01-05	2014-10-06	2023-06-04	1.0 kB	515 B	64.185.227.155
ocsp.globalsign.com	2075	1999-04-19	2012-07-20	2023-06-04	358 B	1.9 kB	104.18.21.226
ajax.googleapis.com	12905	2005-01-25	2013-08-16	2023-06-05	440 B	32 kB	142.250.74.138
www.googletagmanager.com	75	2011-11-11	2013-05-22	2023-06-05	1.9 kB	90 kB	142.250.74.40
help-id-16.29932923.com	unknown	2023-06-02	2023-06-02	2023-06-04	5.2 kB	185 kB	103.221.220.71
code.jquery.com	634	2005-12-10	2012-05-21	2023-06-04	419 B	31 kB	69.16.175.42
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-06-04	461 B	26 kB	151.101.193.229
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-06-04	1.3 kB	2.8 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/
2023-06-04	medium	help-id-16.29932923.com/

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (7)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 69.16.175.42 ASN #20446 STACKPATH-CDN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-26 12:13:42 Times Seen261618 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	www.googletagmanager.com/gtag/js?id=G-TZPEP4RPE3	264 kB	2023-06-05	2023-06-05
Pretty URL www.googletagmanager.com/gtag/js?id=G-TZPEP4RPE3 IP 142.250.74.40 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-05 03:12:06 Last Seen2023-06-05 03:12:06 Times Seen2 Hash 736d2a3c8cdba2eec88d756daed7ba8a b860cb3dbca9f45d6271c80e4c1551df0b9aa305 7b2657ac02cc27a33f82051a3c601394738f334f7b438382ccf93a7b41c0aca4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js	90 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js IP 142.250.74.138 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-26 13:09:54 Times Seen139377 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	help-id-16.29932923.com/js/bootstrap.js	58 kB	2023-04-06	2023-12-26
Pretty URL help-id-16.29932923.com/js/bootstrap.js IP 103.221.220.71 ASN #63760 AZDIGI Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-04-06 08:41:37 Last Seen2023-12-26 15:59:00 Times Seen363 Hash 47a6968d956161e0755deb063008813a 79f4dccebbec8bbcb0a75ad8a7cacfe98867a770 00b4758c4d225fb56e1e8788b971753bb00a23802cddc64224015b0fe2a588b3 Loading...

	help-id-16.29932923.com/js/common.js	15 kB	2023-05-30	2023-06-05
Pretty URL help-id-16.29932923.com/js/common.js IP 103.221.220.71 ASN #63760 AZDIGI Corporation Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-30 13:41:50 Last Seen2023-06-05 03:12:06 Times Seen3 Hash 9075943431ed5ae7d89e093da7a8e1a8 260f5d86caea26a1aa39ef324ece897f0d8d0be9 69ff1494c6f057892b67d4f1fc4a6dfc3e71650bc80025d4c1fdd6f228f21ecc Loading...

	help-id-16.29932923.com/	153 B	2023-05-26	2023-07-27
Pretty URL help-id-16.29932923.com/ IP 103.221.220.71 ASN #63760 AZDIGI Corporation Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-26 10:40:45 Last Seen2023-07-27 10:42:01 Times Seen8 Hash 8fdae0e05e2aa4c8233d6c52745f1d14 cf547bf6cebd7ff6085c4188855f390c2b1c2e83 849b92bce278222237a622843ed85fa0eff67fe8cf2aa7bb7bce4fa185053bbc Loading...

	help-id-16.29932923.com/	310 B	2023-05-26	2023-08-11
Pretty URL help-id-16.29932923.com/ IP 103.221.220.71 ASN #63760 AZDIGI Corporation Introduced by scriptElement Embedded in HTML true Observations First Seen2023-05-26 10:40:45 Last Seen2023-08-11 01:35:06 Times Seen13 Hash 54bae6af5b7be71af8ff43d1cf06751f 66409d025f52bacd2ae6a5e6f2ca8d61b8a19c92 d8dd08de11bcc80e0c6cbe1ef2c6e6475c535f16140c38ed0836468a386289be Loading...

HTTP Transactions (26)

URL IP Response Size

code.jquery.com/jquery-3.6.0.min.js

69.16.175.42

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
69.16.175.42:443
ASN
#20446 STACKPATH-CDN

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
Fingerprint64:50:4C:BB:DF:F3:1D:70:CC:5D:9E:B7:BE:80:91:84:03:C1:D1:83
ValidityWed, 03 Aug 2022 00:00:00 GMT - Fri, 14 Jul 2023 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 05 Jun 2023 01:11:47 GMT
content-encoding: gzip
content-length: 30875
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15d9d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1685927507.dop228.sk1.t,1685927507.cds022.sk1.hn,1685927507.cds210.sk1.c
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65324)
Size
26 kB (25648 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /npm/bootstrap@4.3.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.3.1
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
content-encoding: br
accept-ranges: bytes
date: Mon, 05 Jun 2023 01:11:47 GMT
age: 7042322
x-served-by: cache-fra-eddf8230028-FRA, cache-bma1638-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8543a104bf352a1cf8ad1bf2e07100a2
ce7140bcab4ded21050f0249e87e9e0afdd1f94a
06a7f106970ad07a284048a8847a60121e6d64ba0baabcc00e701491aee183fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 01:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 01:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

1.5 kB

URL
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
ef4f675136c2dbd1cfc0d48cc5ed16cf
a966d362742cc9c99084392d82f9d06782a69ca1
1dc0bfe7255bc30a0cce54a51a2e741434fbdf8f6676ae9a30394b1d81b73b6b

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 01:11:47 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "3E58E1424CC6BEB8A2E3F149AB1706A0A59A0823"
Expires: Mon, 05 Jun 2023 11:00:00 GMT
Last-Modified: Sun, 04 Jun 2023 23:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3502
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7d248b2bb9231c02-OSL

ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

142.250.74.138

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js
IP
142.250.74.138:443
ASN
#15169 GOOGLE

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint3F:94:23:08:F7:DB:8B:36:93:90:93:F4:9E:46:A6:6A:93:75:15:C0
ValidityFri, 19 May 2023 12:57:42 GMT - Fri, 11 Aug 2023 12:57:41 GMT

File type
ASCII text, with very long lines (65451)
Size
31 kB (31021 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /ajax/libs/jquery/3.5.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31021
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 01 Jun 2023 12:16:06 GMT
expires: Fri, 31 May 2024 12:16:06 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Fri, 08 May 2020 07:05:03 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
age: 305741
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-TZPEP4RPE3

142.250.74.40

200 OK

90 kB

URL GET HTTP/2
www.googletagmanager.com/gtag/js?id=G-TZPEP4RPE3
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type
ASCII text, with very long lines (5858)
Size
90 kB (89512 bytes)
Hash
736d2a3c8cdba2eec88d756daed7ba8a
b860cb3dbca9f45d6271c80e4c1551df0b9aa305
7b2657ac02cc27a33f82051a3c601394738f334f7b438382ccf93a7b41c0aca4

HTTP Headers

GET /gtag/js?id=G-TZPEP4RPE3 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 01:11:47 GMT
expires: Mon, 05 Jun 2023 01:11:47 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 89512
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

help-id-16.29932923.com/netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css

103.221.220.71

404 Not Found

1.2 kB

URL GET HTTP/2
help-id-16.29932923.com/netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /netdna.bootstrapcdn.com/font-awesome/3.2.1/css/font-awesome.css HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

help-id-16.29932923.com/css/app.css

103.221.220.71

200 OK

2.6 kB

URL GET HTTP/2
help-id-16.29932923.com/css/app.css
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
ASCII text, with CRLF line terminators
Size
2.6 kB (2611 bytes)
Hash
36c54a0a58b0568af9972be5f4cfc64a
8da733c66745242601ddca2010055c511cbf34a9
b5f049cd8c198126f1bbbf9152357d27c5cac5f498665fcac784540ff42edab1

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /css/app.css HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:47 GMT
content-type: text/css
last-modified: Sun, 21 May 2023 09:26:36 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2611
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

help-id-16.29932923.com/images/newlogo.jpg

103.221.220.71

200 OK

11 kB

URL GET HTTP/2
help-id-16.29932923.com/images/newlogo.jpg
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 192x192, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 222x71, components 3\012- data
Size
11 kB (11042 bytes)
Hash
7c56bfc371e5518efc4dddbb8b2396c8
1eb0ded5e52de04defbc6bc14164bc28b3fbff66
91902273fcd34c1dc745a12fa2f41a840e8b37949bfef4de0abb1013951986c0

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /images/newlogo.jpg HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:47 GMT
content-type: image/jpeg
last-modified: Sat, 04 Mar 2023 07:19:32 GMT
accept-ranges: bytes
content-length: 11042
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d11f1919fef5d8fccf8a87cf62ec7d61
b862276403c5375ce0cf2707ff0141d0f765fafa
7002839ec0a73f7a79f9f8720287932bd850a6a1b741ad91808e402ecb1c0d48

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 01:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8543a104bf352a1cf8ad1bf2e07100a2
ce7140bcab4ded21050f0249e87e9e0afdd1f94a
06a7f106970ad07a284048a8847a60121e6d64ba0baabcc00e701491aee183fb

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Jun 2023 01:11:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

help-id-16.29932923.com/

103.221.220.71

200 OK

72 kB

URL User Request GET HTTP/2
help-id-16.29932923.com/
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (313), with CRLF line terminators
Size
72 kB (71573 bytes)
Hash
fc3706912efde86a7a50339f5cc8ee1b
c905c4f3e2f761db7f0fbb82bdc053cf7f8f0ed2
997263dd99211e56987a38f2955ee246c1d878ecfa5334bfa6a5dc195c8f7264

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET / HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-powered-by: PHP/7.4.33
content-type: text/html; charset=UTF-8
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

help-id-16.29932923.com/images/newlogo1.png

103.221.220.71

200 OK

4.6 kB

URL GET HTTP/2
help-id-16.29932923.com/images/newlogo1.png
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
PNG image data, 68 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4645 bytes)
Hash
4632b63ae6c52a32586fb3db3faf1167
7ee373c59fb93448c3d409d5683db9995570ce70
096988abc603ffc3519d70d6dcb0475bb60b72f2e490c804f03fbf111074deab

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /images/newlogo1.png HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:47 GMT
content-type: image/png
last-modified: Sat, 04 Mar 2023 07:19:42 GMT
accept-ranges: bytes
content-length: 4645
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

help-id-16.29932923.com/kit.fontawesome.com/83fd8385f7.js

103.221.220.71

404 Not Found

1.2 kB

URL GET HTTP/2
help-id-16.29932923.com/kit.fontawesome.com/83fd8385f7.js
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /kit.fontawesome.com/83fd8385f7.js HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

help-id-16.29932923.com/www.google.com/recaptcha/api7d84.js?render=6LdJmj4UAAAAAIuZYXdT_YrsKuN40bwlMqdimgPl

103.221.220.71

404 Not Found

1.2 kB

URL GET HTTP/2
help-id-16.29932923.com/www.google.com/recaptcha/api7d84.js?render=6LdJmj4UAAAAAIuZYXdT_YrsKuN40bwlMqdimgPl
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
1.2 kB (1238 bytes)
Hash
0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807

HTTP Headers

GET /www.google.com/recaptcha/api7d84.js?render=6LdJmj4UAAAAAIuZYXdT_YrsKuN40bwlMqdimgPl HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

help-id-16.29932923.com/js/bootstrap.js

103.221.220.71

200 OK

15 kB

URL GET HTTP/2
help-id-16.29932923.com/js/bootstrap.js
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
Unicode text, UTF-8 (with BOM) text, with very long lines (57805), with CRLF line terminators
Size
15 kB (15324 bytes)
Hash
bad28d4c647a1dce299084cb3667929e
5546c5150515d43f9bbc45e43024f1c8bb75ebab
563dcbddb6fa6ef283113ae05b984f0e5915ae2b9887dada5a6b3fcf343be4a8

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /js/bootstrap.js HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:47 GMT
content-type: application/javascript
last-modified: Sat, 06 May 2023 11:07:54 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 15324
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

help-id-16.29932923.com/js/common.js

103.221.220.71

200 OK

3.2 kB

URL GET HTTP/2
help-id-16.29932923.com/js/common.js
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
3.2 kB (3162 bytes)
Hash
b65d01985671c983efd8d54900d48a31
8441668759f4ef24a526ad36a49bee59f418bd61
b766c3587dd3a9d27ec0f648922ca2fff0557a99fc82aea2cae8418746e25450

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - Suspicious Javascript code
openphish	Facebook, Inc.

HTTP Headers

GET /js/common.js HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:47 GMT
content-type: application/javascript
last-modified: Tue, 30 May 2023 07:22:00 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3162
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

www.googletagmanager.com/a?v=3&t=l&pid=758659132&rv=35v0&cid=119174356&l=119174356.TC0.HTC0~*~*~GA552.569&qi=0

142.250.74.40

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?v=3&t=l&pid=758659132&rv=35v0&cid=119174356&l=119174356.TC0.HTC0~*~*~GA552.569&qi=0
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?v=3&t=l&pid=758659132&rv=35v0&cid=119174356&l=119174356.TC0.HTC0~*~*~GA552.569&qi=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:11:48 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

www.googletagmanager.com/a?v=3&t=l&pid=1724785775&rv=35v0&cid=G-TZPEP4RPE3&l=G-TZPEP4RPE3.L995.S11.Y32.E327.TC16.HTC0~gtm.init.S6.E131.TS5ogt1pdatav2.TE4.TS5ccdgalast.TE0.TS5ccdautoredact.TE2.TS5ccdconversionmarking.TE1.TS5ccdemvideo.TE4.TS5ccdemsitesearch.TE4.TS5ccdemscroll.TE0.TS5ccdempageview.TE1.TS5ccdemoutboundclick.TE2.TS5ccdemform.TE11.TS5ccdemdownload.TE4.TS5ccdgaregscope.TE3.TS5ogtgooglesignals.TE5.TS5setproductsettings.TE1.TS5ccdgafirst.TE1~gtm.js.S0.E72.TS5gct.TE0~gtm.scrollDepth.S1.E56~gtm.dom.S1.E8~gtm.load.S1.E2~gtm.init_consent.S9.E78&qi=0

142.250.74.40

200 OK

0 B

URL GET HTTP/3
www.googletagmanager.com/a?v=3&t=l&pid=1724785775&rv=35v0&cid=G-TZPEP4RPE3&l=G-TZPEP4RPE3.L995.S11.Y32.E327.TC16.HTC0~gtm.init.S6.E131.TS5ogt1pdatav2.TE4.TS5ccdgalast.TE0.TS5ccdautoredact.TE2.TS5ccdconversionmarking.TE1.TS5ccdemvideo.TE4.TS5ccdemsitesearch.TE4.TS5ccdemscroll.TE0.TS5ccdempageview.TE1.TS5ccdemoutboundclick.TE2.TS5ccdemform.TE11.TS5ccdemdownload.TE4.TS5ccdgaregscope.TE3.TS5ogtgooglesignals.TE5.TS5setproductsettings.TE1.TS5ccdgafirst.TE1~gtm.js.S0.E72.TS5gct.TE0~gtm.scrollDepth.S1.E56~gtm.dom.S1.E8~gtm.load.S1.E2~gtm.init_consent.S9.E78&qi=0
IP
142.250.74.40:443
ASN
#15169 GOOGLE

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerGoogle Trust Services LLC
Subject*.google-analytics.com
Fingerprint73:BF:B0:D4:62:48:8E:EF:09:5F:00:57:95:98:82:16:BB:07:35:0C
ValidityFri, 19 May 2023 12:53:06 GMT - Fri, 11 Aug 2023 12:53:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /a?v=3&t=l&pid=1724785775&rv=35v0&cid=G-TZPEP4RPE3&l=G-TZPEP4RPE3.L995.S11.Y32.E327.TC16.HTC0~gtm.init.S6.E131.TS5ogt1pdatav2.TE4.TS5ccdgalast.TE0.TS5ccdautoredact.TE2.TS5ccdconversionmarking.TE1.TS5ccdemvideo.TE4.TS5ccdemsitesearch.TE4.TS5ccdemscroll.TE0.TS5ccdempageview.TE1.TS5ccdemoutboundclick.TE2.TS5ccdemform.TE11.TS5ccdemdownload.TE4.TS5ccdgaregscope.TE3.TS5ogtgooglesignals.TE5.TS5setproductsettings.TE1.TS5ccdgafirst.TE1~gtm.js.S0.E72.TS5gct.TE0~gtm.scrollDepth.S1.E56~gtm.dom.S1.E8~gtm.load.S1.E2~gtm.init_consent.S9.E78&qi=0 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Mon, 05 Jun 2023 01:11:48 GMT
content-type: text/html
server: Google Tag Manager
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

help-id-16.29932923.com/images/favicon.ico

103.221.220.71

200 OK

5.4 kB

URL GET HTTP/3
help-id-16.29932923.com/images/favicon.ico
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
de76b0c210c815ef282d5b59de8a0567
023038e2dfd649047be4fbba79c78dd80bc4cd90
c636a92a12eb33629e6dcadc67e49651ac54e8f3b18a03c805668505f05c885a

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Cookie: _ga_TZPEP4RPE3=GS1.1.1685927507.1.0.1685927507.0.0.0; _ga=GA1.1.1844538590.1685927508
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:48 GMT
content-type: image/x-icon
last-modified: Sat, 04 Mar 2023 07:25:42 GMT
accept-ranges: bytes
content-length: 5430
date: Mon, 05 Jun 2023 01:11:48 GMT
server: LiteSpeed
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
421f44403c3130ab03cc599c07ec256a
fcc4a4354d1f567cd0e151734db32d97bdbe2628
738e5454adbe0dea90252941434b5c7f51b05b6e6de8803e8791e385916f84e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 01:11:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 00:01:06 GMT
Expires: Sun, 11 Jun 2023 00:01:05 GMT
Etag: "fcc4a4354d1f567cd0e151734db32d97bdbe2628"
Cache-Control: max-age=514218,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d248b31fe71b50c-OSL

ocsp.sectigo.com/

104.18.15.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.15.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
421f44403c3130ab03cc599c07ec256a
fcc4a4354d1f567cd0e151734db32d97bdbe2628
738e5454adbe0dea90252941434b5c7f51b05b6e6de8803e8791e385916f84e1

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Mon, 05 Jun 2023 01:11:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 04 Jun 2023 00:01:06 GMT
Expires: Sun, 11 Jun 2023 00:01:05 GMT
Etag: "fcc4a4354d1f567cd0e151734db32d97bdbe2628"
Cache-Control: max-age=514306,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7d248b31ff90b518-OSL

api.ipify.org/

64.185.227.155

200 OK

0 B

URL OPTIONS HTTP/2
api.ipify.org/
IP
64.185.227.155:443
ASN
#18450 WEBNX

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://help-id-16.29932923.com/
Origin: https://help-id-16.29932923.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-headers: Content-Type
access-control-allow-methods: GET
access-control-allow-origin: https://help-id-16.29932923.com
date: Mon, 05 Jun 2023 01:11:48 GMT
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 0
X-Firefox-Spdy: h2

api.ipify.org/

64.185.227.155

200 OK

12 B

URL OPTIONS HTTP/2
api.ipify.org/
IP
64.185.227.155:443
ASN
#18450 WEBNX

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d

HTTP Headers

GET / HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://help-id-16.29932923.com
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://help-id-16.29932923.com
content-type: text/plain
date: Mon, 05 Jun 2023 01:11:48 GMT
vary: Origin
content-length: 12
X-Firefox-Spdy: h2

help-id-16.29932923.com/images/email-icon-circle-28.jpg

103.221.220.71

200 OK

64 kB

URL GET HTTP/2
help-id-16.29932923.com/images/email-icon-circle-28.jpg
IP
103.221.220.71:443
ASN
#63760 AZDIGI Corporation

Requested by
https://help-id-16.29932923.com/
Certificate
IssuerLet's Encrypt
Subjecthelp-id-16.29932923.com
FingerprintBD:60:5A:77:1B:3A:B6:20:C5:DC:EC:28:D9:8D:D3:27:02:F7:6C:51
ValidityFri, 02 Jun 2023 16:35:12 GMT - Thu, 31 Aug 2023 16:35:11 GMT

File type
PNG image data, 2400 x 2400, 8-bit gray+alpha, non-interlaced\012- data
Size
64 kB (64005 bytes)
Hash
e2ec2d4b04985880f2b12ef8c92fae3e
9854092d156e4e9c25a46cf51a73e17aacce766a
726be1e116ab2ab6670d94751d0568c157a75f4e625989793fa8e9b77800caa0

Detections

Analyzer	Verdict	Alert
openphish	Facebook, Inc.

HTTP Headers

GET /images/email-icon-circle-28.jpg HTTP/1.1
Host: help-id-16.29932923.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-id-16.29932923.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Mon, 12 Jun 2023 01:11:47 GMT
content-type: image/jpeg
last-modified: Wed, 08 Mar 2023 12:15:54 GMT
accept-ranges: bytes
content-length: 64005
date: Mon, 05 Jun 2023 01:11:47 GMT
server: LiteSpeed
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (26)

URL GET HTTP/2

IP

ASN

Requested by