Report - www.checkinsfacebook.com/FBHJSUWC/HDHDASYL.html/

Report Overview

Visited public
2023-12-10 03:19:29
Tags
meta facebook phishing social
URL
www.checkinsfacebook.com/FBHJSUWC/HDHDASYL.html/
Finishing URL
utsavelectromech.net/help/contact/1458913990924057/confirm.html
IP / ASN
188.114.97.1
#13335 CLOUDFLARENET
Title
BUSINESS SUITE
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.checkinsfacebook.com	unknown	unknown	No data	No data	514 B	739 B	104.21.90.93
utsavelectromech.net	unknown	unknown	No data	No data	3.6 kB	269 kB	103.227.176.27
api.ipify.org	3267	2014-01-05	2014-10-06 14:38:43	2023-12-09 12:11:51	451 B	219 B	173.231.16.77
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-12-09 10:58:51	860 B	209 kB	142.250.74.132
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-09 06:23:49	1.5 kB	206 kB	142.250.74.131
api.ipgeolocation.io	39679	2018-02-26	2018-06-28 13:07:23	2023-12-09 11:48:01	491 B	2.6 kB	104.20.62.122

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-10 03:19:12	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-12-10 03:19:12	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-12-10 03:19:12	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-12-10 03:19:12	low	Client IP	173.231.16.77	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-09	medium	www.checkinsfacebook.com/FBHJSUWC/HDHDASYL.html/	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/help/contact/1458913990924057/confirm.html	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/confirm.html	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/	Facebook, Inc.
2023-12-09	medium	utsavelectromech.net/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	www.google.com/recaptcha/api.js	ScriptElement	850 B	2023-12-05	2023-12-13
Pretty URL www.google.com/recaptcha/api.js IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 03:34 Last Seen2023-12-13 23:42 Times Seen437 Hash 44ebd3dd3d4cb39798be03e01f496b62 943076995ed7c6eb340a69e59e367f84d32571a9 a5da81b12e030d345458c196267b222170177d6908c725db868f7a42aa0a889d Loading...

	www.google.com/recaptcha/api.js?render=explicit	ScriptElement	852 B	2023-12-05	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=explicit IP 142.250.74.132 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 02:59 Last Seen2024-08-20 16:44 Times Seen273 Hash 845a725772e2112ea1e28cb5be47ca9f 2ca60c0163f4dbd38715c538ff6027ac93db00b3 84a095eb2397a71d370f7a8a7677b757f3ded6edb7d2cd694a08b99cf6858777 Loading...

	utsavelectromech.net/help/contact/1458913990924057/confirm.html	ScriptElement	9.2 kB	2023-12-10	2024-08-20
Pretty URL utsavelectromech.net/help/contact/1458913990924057/confirm.html IP 103.227.176.27 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-10 04:12 Last Seen2024-08-20 16:13 Times Seen5 Hash 63bedebbbcbae7c6d682406bf42d1777 a6965cd993d80a276f5e030baa8ca9488e6a01a2 a17f3474facb8511918cb4ad49a7c5bb3450604165c414e4137c8564263d0822 Loading...

	www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js	ScriptElement	512 kB	2023-12-05	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js IP 142.250.74.131 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 02:59 Last Seen2024-08-20 16:44 Times Seen1421 Hash af51eb6ced1afe3f0f11ee679198808c 02b9d6a7a54f930807a01ae3cdcf462862925b40 6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf Loading...

HTTP Transactions (15)

URL IP Response Size

www.checkinsfacebook.com/FBHJSUWC/HDHDASYL.html/

104.21.90.93

302 Found

0 B

URL User Request GET HTTP/2
www.checkinsfacebook.com/FBHJSUWC/HDHDASYL.html/
IP
104.21.90.93:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services LLC
Subjectcheckinsfacebook.com
Fingerprint92:F4:EE:52:33:58:D8:0C:F8:76:AB:D8:F2:C5:8E:4E:50:F7:0B:18
ValidityWed, 06 Dec 2023 10:00:04 GMT - Tue, 05 Mar 2024 10:00:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /FBHJSUWC/HDHDASYL.html/ HTTP/1.1
Host: www.checkinsfacebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 10 Dec 2023 03:19:03 GMT
content-length: 0
location: https://utsavelectromech.net/help/contact/1458913990924057
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-language: en-US
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcXGiMopACj2LpUbryvSL3y7JJLPL09CJbQMuEtCUOTpHt5XOhVYEUZ7CMS9qzTj80zZ5IPKak5G%2FGgpMXX6cCz7y6d7lQMzn693SE6SfC25Vkf7FcEMxJgec%2BmLCXIOd7CwO5aO0vDqApA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 833258135a1c56b4-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

utsavelectromech.net/help/contact/1458913990924057

103.227.176.27

301 Moved Permanently

707 B

URL User Request GET HTTP/2
utsavelectromech.net/help/contact/1458913990924057
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /help/contact/1458913990924057 HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Sun, 10 Dec 2023 03:19:03 GMT
server: LiteSpeed
location: https://utsavelectromech.net/help/contact/1458913990924057/
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

utsavelectromech.net/help/contact/1458913990924057/confirm.html

103.227.176.27

200 OK

51 kB

URL User Request GET HTTP/2
utsavelectromech.net/help/contact/1458913990924057/confirm.html
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with very long lines (32223), with CRLF line terminators
Size
51 kB (50935 bytes)
Hash
8365febda2d2c86ad68963a9684fb285
e6fedb322067327011baaf810d5e0acac2982a7a
d2faeaf76d89f102733941938279eef5798e865153298b11a07d4ef02404f020

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /help/contact/1458913990924057/confirm.html HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 09 Dec 2023 03:34:45 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 50935
date: Sun, 10 Dec 2023 03:19:04 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=3600, must-revalidate
X-Firefox-Spdy: h2

utsavelectromech.net/style.css

103.227.176.27

200 OK

22 kB

URL GET HTTP/3
utsavelectromech.net/style.css
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65080), with CRLF line terminators
Size
22 kB (21927 bytes)
Hash
2fef660aafc470b8ae6b276c28cdd776
12b5451b26793f887a869e9af45897254879e1b8
cc8b1a0c0827d63eec2c7b9a30d4794ea64fe479cab57c61e86a9d6ad339e4d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /style.css HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=604800, public
expires: Mon, 09 Dec 2024 09:19:05 GMT
content-type: text/css
last-modified: Sat, 11 Nov 2023 11:12:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 21927
date: Sun, 10 Dec 2023 03:19:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

utsavelectromech.net/Segoe.73e9cd89613cc1d9a962.ttf

103.227.176.27

302 Found

1.5 kB

URL GET HTTP/3
utsavelectromech.net/Segoe.73e9cd89613cc1d9a962.ttf
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, Unicode text, UTF-8 text, with very long lines (767), with CRLF line terminators
Size
1.5 kB (1499 bytes)
Hash
ea4b5fd0f74965a7e97dcb908d2415de
23e2d4e906b0641f5104c51520e51f32f366f8fa
f61b0af90358070692843ae37acbf69a3cc54375a072c277bbccddafd22608fc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /Segoe.73e9cd89613cc1d9a962.ttf HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
x-powered-by: PHP/7.4.33
location: confirm.html
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
content-length: 1499
content-encoding: gzip
date: Sun, 10 Dec 2023 03:19:05 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

api.ipify.org/?format=json

173.231.16.77

200 OK

21 B

URL GET HTTP/1.1
api.ipify.org/?format=json
IP
173.231.16.77:443
ASN
#18450 WEBNX

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
JSON data - , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utsavelectromech.net/
Origin: https://utsavelectromech.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Sun, 10 Dec 2023 03:19:05 GMT
Content-Type: application/json
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin

www.google.com/recaptcha/api.js

142.250.74.132

200 OK

206 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint50:3E:DA:12:EC:7F:39:A5:E9:4F:16:D7:D6:AA:BF:45:15:44:7F:E9
ValidityMon, 20 Nov 2023 08:09:47 GMT - Mon, 12 Feb 2024 08:09:46 GMT

File type
ASCII text, with very long lines (864)
Size
206 kB (205476 bytes)
Hash
db3675abd7f73b15986a5863de5bd0f9
427250484c54a958611d49dad52846cfe8478fb1
45bd4acbd59728587bbf31cd7bcda6497f96ddf7a13aa7f51a7f031f46ee931a

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Dec 2023 03:19:05 GMT
date: Sun, 10 Dec 2023 03:19:05 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js

142.250.74.131

200 OK

205 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type
ASCII text, with very long lines (568)
Size
205 kB (204921 bytes)
Hash
af51eb6ced1afe3f0f11ee679198808c
02b9d6a7a54f930807a01ae3cdcf462862925b40
6788908efcff931e3c0c4fb54a255932414a22e81971dcc1427c8a4f459a1fbf

HTTP Headers

GET /recaptcha/releases/cwQvQhsy4_nYdnSDY4u7O5_B/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://utsavelectromech.net
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 204921
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 09 Dec 2023 21:36:36 GMT
expires: Sun, 08 Dec 2024 21:36:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 04 Dec 2023 17:08:31 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 20549
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

utsavelectromech.net/confirm.html

103.227.176.27

200 OK

51 kB

URL GET HTTP/3
utsavelectromech.net/confirm.html
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document, ASCII text, with very long lines (32223), with CRLF line terminators
Size
51 kB (50935 bytes)
Hash
8365febda2d2c86ad68963a9684fb285
e6fedb322067327011baaf810d5e0acac2982a7a
d2faeaf76d89f102733941938279eef5798e865153298b11a07d4ef02404f020

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /confirm.html HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utsavelectromech.net/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html
last-modified: Sat, 09 Dec 2023 03:34:25 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding,User-Agent
content-length: 50935
date: Sun, 10 Dec 2023 03:19:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=3600, must-revalidate

utsavelectromech.net/favicon.ico

103.227.176.27

404 Not Found

708 B

URL GET HTTP/3
utsavelectromech.net/favicon.ico
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type
HTML document text - HTML document text - HTML document text - HTML document text - exported SGML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Sun, 10 Dec 2023 03:19:05 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
vary: User-Agent

www.google.com/recaptcha/api.js?render=explicit

142.250.74.132

200 OK

2.2 kB

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=explicit
IP
142.250.74.132:443
ASN
#15169 GOOGLE

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
Fingerprint50:3E:DA:12:EC:7F:39:A5:E9:4F:16:D7:D6:AA:BF:45:15:44:7F:E9
ValidityMon, 20 Nov 2023 08:09:47 GMT - Mon, 12 Feb 2024 08:09:46 GMT

File type
gzip compressed data - data
Size
2.2 kB (2176 bytes)
Hash
16bf95ae84491848eee5ab6c4e59424d
882551f5a8d7c39890be75a2b9425a20dd9b2bb0
92e0e0ee3b24cd7e2bf93db0c58eaa1971820cf03114cc995f3510ec602a5bfe

HTTP Headers

GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Sun, 10 Dec 2023 03:19:05 GMT
date: Sun, 10 Dec 2023 03:19:05 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.ipgeolocation.io/ipgeo?apiKey=f40a6ea769ce4740b4d5462dc649bbcf

104.20.62.122

200 OK

2.1 kB

URL GET HTTP/2
api.ipgeolocation.io/ipgeo?apiKey=f40a6ea769ce4740b4d5462dc649bbcf
IP
104.20.62.122:443
ASN
#13335 CLOUDFLARENET

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6E:F7:63:DC:0F:29:42:1E:46:DC:0B:5B:1B:8A:18:2F:9F:91:0E:59
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
JSON data - , ASCII text, with very long lines (845), with no line terminators
Size
2.1 kB (2097 bytes)
Hash
ec2a373417553c0a969c6573c1df00cf
df90be27ee9d0e410de2e511294811ef2e6af41d
3c4440001745901bfd9f8d5c0819de108fe8792d3cb32beb120e5f96962e2432

HTTP Headers

GET /ipgeo?apiKey=f40a6ea769ce4740b4d5462dc649bbcf HTTP/1.1
Host: api.ipgeolocation.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://utsavelectromech.net/
Origin: https://utsavelectromech.net
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 10 Dec 2023 03:19:05 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://utsavelectromech.net
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 833258229cd30b06-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js

142.250.74.131

404 Not Found

0 B

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://utsavelectromech.net
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 03:19:07 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js

142.250.74.131

404 Not Found

0 B

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js
IP
142.250.74.131:443
ASN
#15169 GOOGLE

Requested by
https://utsavelectromech.net/help/contact/1458913990924057/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint5F:60:69:C9:59:6D:F1:B5:87:82:8D:B0:57:3C:D9:24:10:FD:74:D1
ValidityMon, 20 Nov 2023 08:08:49 GMT - Mon, 12 Feb 2024 08:08:48 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://utsavelectromech.net
DNT: 1
Connection: keep-alive
Referer: https://utsavelectromech.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Sun, 10 Dec 2023 03:19:06 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

utsavelectromech.net/help/contact/1458913990924057/

103.227.176.27

302 Found

139 kB

URL User Request GET HTTP/2
utsavelectromech.net/help/contact/1458913990924057/
IP
103.227.176.27:443
ASN
#55293 A2HOSTING

Certificate
IssuercPanel, Inc.
Subjectutsavelectromech.net
Fingerprint9A:DB:AB:A2:71:4A:57:69:7B:50:B3:02:4F:6E:A3:FE:2E:2B:97:45
ValiditySat, 09 Dec 2023 00:00:00 GMT - Fri, 08 Mar 2024 23:59:59 GMT

File type

Size
139 kB (138775 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /help/contact/1458913990924057/ HTTP/1.1
Host: utsavelectromech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
x-powered-by: PHP/7.4.33
location: confirm.html
vary: Accept-Encoding,User-Agent
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Sun, 10 Dec 2023 03:19:04 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (15)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3