Report - remove-violation-your-account.vercel.app/

Report Overview

Submitted URL
remove-violation-your-account.vercel.app/
IP
76.76.21.98
ASN
#16509 AMAZON-02
Submitted
2024-04-24 05:15:35
Access
public
Website Title
Facebook Help Center
Final URL
remove-violation-your-account.vercel.app/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
staticsecure.glitch.me	unknown	unknown	No data	No data	441 B	1.5 kB	44.214.198.122
upload.wikimedia.org	2215	2003-03-16	2012-05-21	2024-04-23	486 B	56 kB	185.15.59.240
remove-violation-your-account.vercel.app	unknown	unknown	No data	No data	972 B	9.1 kB	76.76.21.98
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17	2024-04-22	515 B	5.3 kB	104.17.24.14
cdn.glitch.global	282615	2021-09-09	2022-01-13	2024-04-18	1.0 kB	24 kB	151.101.130.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2024-04-23	medium	remove-violation-your-account.vercel.app/	Facebook, Inc.
2024-04-23	medium	remove-violation-your-account.vercel.app/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	remove-violation-your-account.vercel.app/	0 B	2023-03-07	2024-05-05
Pretty URL remove-violation-your-account.vercel.app/ IP 76.76.21.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 22:49:22 Times Seen37371006 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	remove-violation-your-account.vercel.app/	0 B	2023-03-07	2024-05-05
Pretty URL remove-violation-your-account.vercel.app/ IP 76.76.21.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 22:49:22 Times Seen37371006 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js	13 kB	2023-03-07	2024-05-05
Pretty URL cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js IP 104.17.24.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:34 Last Seen2024-05-05 17:43:07 Times Seen13038 Hash 4ff108e4584780dce15d610c142c3e62 77e4519962e2f6a9fc93342137dbb31c33b76b04 fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a Loading...

	staticsecure.glitch.me/staticsecure.min.js	955 B	2024-04-24	2024-05-04
Pretty URL staticsecure.glitch.me/staticsecure.min.js IP 44.214.198.122 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-24 07:15:41 Last Seen2024-05-04 18:33:43 Times Seen4 Hash b1f0b8ee858a206b0ff693796933416e 4ade1d325e267fb9e00042652a8a037f773634b3 07b4a74f102eecf58576ae091db22cc316596afa2791bad20c25824f6519f909 Loading...

	remove-violation-your-account.vercel.app/	0 B	2023-03-07	2024-05-05
Pretty URL remove-violation-your-account.vercel.app/ IP 76.76.21.98 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-05 22:49:22 Times Seen37371006 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

HTTP Transactions (7)

URL IP Response Size

cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js

104.17.24.14

200 OK

4.3 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.2/rollups/aes.js
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://remove-violation-your-account.vercel.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (548)
Size
4.3 kB (4256 bytes)
Hash
4ff108e4584780dce15d610c142c3e62
77e4519962e2f6a9fc93342137dbb31c33b76b04
fc7e184beeda61bf6427938a84560f52348976bb55e807b224eb53930e97ef6a

HTTP Headers

GET /ajax/libs/crypto-js/3.1.2/rollups/aes.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://remove-violation-your-account.vercel.app
DNT: 1
Connection: keep-alive
Referer: https://remove-violation-your-account.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:15:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 4256
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e2d-3430"
last-modified: Mon, 04 May 2020 16:09:17 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 737472
expires: Mon, 14 Apr 2025 05:15:10 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cw%2BS7Z7DxNMCv9WENQ1m4QhR7P811gML4Cmaleakh7QIzUt%2F7bV1zcmV1UUVT2DaEoPtPgnJGDycTxdO2YRsjlH609Vib72jIkR4E26%2BZXmkSO5rOW9lmEeAMbVUJ44nhwx7N2xq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 87939d2d1ef4b524-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.glitch.global/0e876aa8-70cf-40f1-951b-94c8002e5dcc/thumbnails%2Fbluetick.png?1699082922610

151.101.130.132

200 OK

19 kB

URL GET HTTP/2
cdn.glitch.global/0e876aa8-70cf-40f1-951b-94c8002e5dcc/thumbnails%2Fbluetick.png?1699082922610
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://remove-violation-your-account.vercel.app/
Certificate
IssuerLet's Encrypt
Subjectcdn.glitch.global
FingerprintF2:EB:85:15:C1:89:0D:2A:EF:A5:2E:07:1E:4F:69:31:EF:1C:8C:06
ValiditySun, 31 Mar 2024 19:31:34 GMT - Sat, 29 Jun 2024 19:31:33 GMT

File type
PNG image data, 330 x 330, 8-bit/color RGBA, non-interlaced
Size
19 kB (19417 bytes)
Hash
c46d520b7be409ba634453a7a7ce0e00
ff85d51f9cd14054977a770d04168a72fb77e501
6c91e4f82ff598b2ac2aae3e6d19e2e2d30946097d7a7040870028b4489b7e4e

HTTP Headers

GET /0e876aa8-70cf-40f1-951b-94c8002e5dcc/thumbnails%2Fbluetick.png?1699082922610 HTTP/1.1
Host: cdn.glitch.global
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://remove-violation-your-account.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: JXBx+b9pyLOzl7CcmIohzYyXlGHSjp17JIc/G9WYCBlwr/WPwLLKeumY9wRljYInWCHqzTlrIJA=
x-amz-request-id: DWB6CB7Y8W7Q9JB3
last-modified: Sat, 04 Nov 2023 07:28:43 GMT
etag: "c46d520b7be409ba634453a7a7ce0e00"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-type: image/png
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: *
content-security-policy: script-src 'none'
accept-ranges: bytes
age: 1532859
date: Wed, 24 Apr 2024 05:15:10 GMT
x-served-by: cache-iad-kiad7000132-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 276, 0
x-timer: S1713935710.339921,VS0,VE1
content-length: 19417
X-Firefox-Spdy: h2

cdn.glitch.global/42ac90ca-66bc-4886-9161-9ce099d273bc/images-fb_icon_325x325.png?v=1696896812321

151.101.130.132

200 OK

2.6 kB

URL GET HTTP/2
cdn.glitch.global/42ac90ca-66bc-4886-9161-9ce099d273bc/images-fb_icon_325x325.png?v=1696896812321
IP
151.101.130.132:443
ASN
#54113 FASTLY

Requested by
https://remove-violation-your-account.vercel.app/
Certificate
IssuerLet's Encrypt
Subjectcdn.glitch.global
FingerprintF2:EB:85:15:C1:89:0D:2A:EF:A5:2E:07:1E:4F:69:31:EF:1C:8C:06
ValiditySun, 31 Mar 2024 19:31:34 GMT - Sat, 29 Jun 2024 19:31:33 GMT

File type
PNG image data, 325 x 325, 8-bit colormap, non-interlaced
Size
2.6 kB (2613 bytes)
Hash
1b070534eb1ab6195f4fc7118dfc8be5
80a0ef7683fbff7bc75debe7cd439483d7a2f735
bc40d55fd8796c2bbd2693fd3fc4eb4ebdca9d6b02eb12b7e3efa7e53d4aaeb3

HTTP Headers

GET /42ac90ca-66bc-4886-9161-9ce099d273bc/images-fb_icon_325x325.png?v=1696896812321 HTTP/1.1
Host: cdn.glitch.global
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://remove-violation-your-account.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
x-amz-id-2: MftXGYbu5rHAHXrK6NVwEoDcGCzkJbsTHvLwhz/8/p8mn44lcfWxXF9Gcp5+2n9ujx+dJOdnoB0=
x-amz-request-id: NKRNFK2M5N3B63QZ
last-modified: Tue, 10 Oct 2023 00:15:17 GMT
etag: "1b070534eb1ab6195f4fc7118dfc8be5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-type: image/png
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
access-control-allow-methods: GET, HEAD, POST
access-control-allow-origin: *
content-security-policy: script-src 'none'
accept-ranges: bytes
age: 582583
date: Wed, 24 Apr 2024 05:15:10 GMT
x-served-by: cache-iad-kiad7000038-IAD, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 1008, 0
x-timer: S1713935710.366041,VS0,VE0
content-length: 2613
X-Firefox-Spdy: h2

staticsecure.glitch.me/staticsecure.min.js

44.214.198.122

200 OK

955 B

URL GET HTTP/2
staticsecure.glitch.me/staticsecure.min.js
IP
44.214.198.122:443
ASN
#14618 AMAZON-AES

Requested by
https://remove-violation-your-account.vercel.app/
Certificate
IssuerAmazon
Subjectglitch.com
Fingerprint57:4F:13:8A:33:42:32:7C:F7:C9:C5:1F:DF:C1:35:65:F0:E9:70:EE
ValidityMon, 04 Dec 2023 00:00:00 GMT - Wed, 01 Jan 2025 23:59:59 GMT

File type
ASCII text, with very long lines (955), with no line terminators
Size
955 B (955 bytes)
Hash
b1f0b8ee858a206b0ff693796933416e
4ade1d325e267fb9e00042652a8a037f773634b3
07b4a74f102eecf58576ae091db22cc316596afa2791bad20c25824f6519f909

HTTP Headers

GET /staticsecure.min.js HTTP/1.1
Host: staticsecure.glitch.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://remove-violation-your-account.vercel.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 24 Apr 2024 05:15:10 GMT
content-type: application/javascript; charset=utf-8
content-length: 955
x-amz-id-2: 18L/jWDVA1iOTAZBuMZKWLHLaYRwCusHRM1Z01qaLiIUqblIVODt3ys8gL5KX7laCb1r99m32QICd01/ICRdgg==
x-amz-request-id: HXM12ZB3FFZBB4KG
last-modified: Tue, 16 Apr 2024 15:33:14 GMT
etag: "b1f0b8ee858a206b0ff693796933416e"
x-amz-server-side-encryption: AES256
cache-control: no-cache
x-amz-version-id: 4h_tlvpK2GOd3prIzlbiQVLzH3I0_CXh
accept-ranges: bytes
server: AmazonS3
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/6/6c/Facebook_Logo_2023.png

185.15.59.240

200 OK

55 kB

URL GET HTTP/2
upload.wikimedia.org/wikipedia/commons/6/6c/Facebook_Logo_2023.png
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://remove-violation-your-account.vercel.app/
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint48:3F:0C:71:F3:4A:E0:EA:30:D9:9B:D6:04:63:DC:DA:A8:F4:9D:FB
ValidityWed, 18 Oct 2023 00:00:00 GMT - Wed, 16 Oct 2024 23:59:59 GMT

File type
PNG image data, 2084 x 2084, 8-bit/color RGBA, non-interlaced
Size
55 kB (54771 bytes)
Hash
e4da23704f27c9df07e6c21a13e28bfd
af6f06778b34a6b7844168f257fff50611bc7dd9
2adfd474d91fd20c51084309ed000c1ae6cc7f5f70af14d375930f5a71301308

HTTP Headers

GET /wikipedia/commons/6/6c/Facebook_Logo_2023.png HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://remove-violation-your-account.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 23 Apr 2024 06:22:23 GMT
etag: e4da23704f27c9df07e6c21a13e28bfd
server: ATS/9.1.4
content-type: image/png
x-object-meta-sha1base36: khqfbdm55vq0s0y0eqr5onb4hjn6qc9
last-modified: Wed, 11 Oct 2023 12:15:27 GMT
content-length: 54771
age: 82367
x-cache: cp3078 hit, cp3078 hit/221
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

remove-violation-your-account.vercel.app/

76.76.21.98

200 OK

8.7 kB

URL User Request GET HTTP/2
remove-violation-your-account.vercel.app/
IP
76.76.21.98:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (8822), with no line terminators
Size
8.7 kB (8668 bytes)
Hash
8ae95debcc2407cf17c8546487d1ab07
ac5535959b7eaa172379144f69791317f93372f1
df2e578957907cb962804edaf620da6d0e485e23cde8ab17a17eeab7c772811d

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET / HTTP/1.1
Host: remove-violation-your-account.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
age: 40483
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 24 Apr 2024 05:15:10 GMT
etag: W/"17340ca22a2c3cb772232bff84b7b7c7"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::p77zs-1713935710029-6ec841e0aaeb
X-Firefox-Spdy: h2

remove-violation-your-account.vercel.app/favicon.ico

0.0.0.0

0 B

URL GET
remove-violation-your-account.vercel.app/favicon.ico
IP
0.0.0.0:0
ASN
#0

Requested by
https://remove-violation-your-account.vercel.app/
Certificate
IssuerLet's Encrypt
Subject*.vercel.app
FingerprintAF:CF:A8:04:27:73:53:77:D1:D5:CD:E4:60:09:23:4A:DE:CA:82:C4
ValidityMon, 15 Apr 2024 01:56:22 GMT - Sun, 14 Jul 2024 01:56:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: remove-violation-your-account.vercel.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://remove-violation-your-account.vercel.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (7)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers