Report - help-verification-account.com/

Report Overview

Submitted URL
help-verification-account.com/
IP
52.58.254.253
ASN
#16509 AMAZON-02
Submitted
2023-12-04 22:13:33
Access
public
Website Title
Meta
Final URL
help-verification-account.com/
Tags
meta facebook phishing social
urlquery detections
Phishing - Facebook

Detections

urlquery
4
Network Intrusion Detection
3
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
help-verification-account.com	unknown	unknown	No data	No data	3.4 kB	94 kB	3.72.140.173
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2023-12-04	1.4 kB	46 kB	151.101.129.229
code.jquery.com	634	2005-12-10	2012-05-21	2023-12-04	435 B	32 kB	151.101.2.137
ipapi.co	195030	2016-04-19	2017-01-31	2023-12-04	500 B	754 B	104.26.8.44
ipinfo.io	8136	2013-04-23	2013-12-16	2023-12-04	504 B	796 B	34.117.59.81

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-04 22:13:22	medium	Client IP	Internal IP	ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)
2023-12-04 22:13:22	medium	Client IP	Internal IP	ET POLICY External IP Lookup Domain (ipapi .co in DNS lookup)
2023-12-04 22:13:22	medium	Client IP	34.117.59.81	ET POLICY Possible External IP Lookup Domain Observed in SNI (ipinfo. io)

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (4)

	URL	Size	First Seen	Last Seen
	code.jquery.com/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-07-27
Pretty URL code.jquery.com/jquery-3.6.0.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-07-27 03:00:27 Times Seen297618 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdn.jsdelivr.net/npm/jquery.cookie@1.4.1/jquery.cookie.js	3.1 kB	2023-03-07	2024-07-27
Pretty URL cdn.jsdelivr.net/npm/jquery.cookie@1.4.1/jquery.cookie.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:39 Last Seen2024-07-27 01:26:24 Times Seen10877 Hash d5528dde0006c78be04817327c2f9b6f 31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8 b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8 Loading...

	cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.min.js	58 kB	2023-03-07	2024-07-27
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.min.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-07-27 00:22:12 Times Seen22684 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	help-verification-account.com/oo.js	8.7 kB	2023-12-04	2023-12-06
Pretty URL help-verification-account.com/oo.js IP 3.72.140.173 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-04 23:13:39 Last Seen2023-12-06 01:16:21 Times Seen5 Hash 40227002ee270f3493062df9eb69a12b 5f20209072a3a82a02dbfcfada1f1e036de91b0b ce29af251c4990bcb39c41c9f3801853c57bc8023e02992bccb9aa338450bce1 Loading...

HTTP Transactions (13)

URL IP Response Size

help-verification-account.com/

3.72.140.173

200 OK

7.1 kB

URL User Request GET HTTP/2
help-verification-account.com/
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Size
7.1 kB (7069 bytes)
Hash
2e0b4ec4de9b666aff416efe608f751a
2c2fcafbbd10eb1f38ca46ec4ca683d35db35fa1
f0a5524d5d5f2752fddac43598425d3705127a05df4f5a42691c1722f2f5b952

HTTP Headers

GET / HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 2747
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 04 Dec 2023 22:13:16 GMT
etag: "afe0e0b8b0605888377b1b4bad32f8bb-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVE92FRVDFJ3R5J3ZQ0YV8M
content-length: 7069
X-Firefox-Spdy: h2

help-verification-account.com/oo.css

3.72.140.173

200 OK

2.9 kB

URL GET HTTP/2
help-verification-account.com/oo.css
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.9 kB (2912 bytes)
Hash
49a1a583eb32c4801b309f74cf81f701
438500eb7d34adc04a550b1f28c464932ce50561
11c5a5744a358db8cba88214b1ce89a30322f33b2e36984cc7c352989c2297c6

HTTP Headers

GET /oo.css HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2684
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/css; charset=UTF-8
date: Mon, 04 Dec 2023 22:13:16 GMT
etag: "4aae049eaa8794b7df9a38fbab16692e-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVE92R3J39D8Q7297V882T4
content-length: 2912
X-Firefox-Spdy: h2

help-verification-account.com/images/ZUXA21k.png

3.72.140.173

200 OK

5.1 kB

URL GET HTTP/2
help-verification-account.com/images/ZUXA21k.png
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
PNG image data, 212 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
5.1 kB (5127 bytes)
Hash
3b365a98760b211155db1b2013fc89e9
18ddf9412bbe7a905c3a5015d2e15989361ea180
f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55

HTTP Headers

GET /images/ZUXA21k.png HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2683
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 22:13:16 GMT
etag: "a8edb79f9b4977361e7bd8a8a671fa4d-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGVE92R717G7VVVDWQHQDNMK
content-length: 5127
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css

151.101.129.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/css/bootstrap.min.css
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://help-verification-account.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (65324)
Size
26 kB (25648 bytes)
Hash
a15c2ac3234aa8f6064ef9c1f7383c37
6e10354828454898fda80f55f3decb347fd9ed21
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

HTTP Headers

GET /npm/bootstrap@4.3.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.3.1
x-jsd-version-type: version
etag: W/"2606e-bhA1SChFSJj9qA9V897LNH/Z7SE"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:13:16 GMT
age: 10790926
x-served-by: cache-fra-eddf8230028-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 25648
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/jquery.cookie@1.4.1/jquery.cookie.js

151.101.129.229

200 OK

1.4 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/jquery.cookie@1.4.1/jquery.cookie.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://help-verification-account.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text
Size
1.4 kB (1403 bytes)
Hash
d5528dde0006c78be04817327c2f9b6f
31e1bcc4cf805a2c2fee21f48ded1e598f64a2a8
b84161c9fbf7520cd14e7019f92120bd87a928a074156e91a992eba9fc9436e8

HTTP Headers

GET /npm/jquery.cookie@1.4.1/jquery.cookie.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.4.1
x-jsd-version-type: version
etag: W/"c31-MeG8xM+AWiwv7iH0je0eWY9koqg"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:13:16 GMT
age: 3596521
x-served-by: cache-fra-etou8220072-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1403
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://help-verification-account.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:13:16 GMT
age: 1125379
x-served-by: cache-lga21931-LGA, cache-bma1639-BMA
x-cache: HIT, HIT
x-cache-hits: 14, 307302
x-timer: S1701727997.716939,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.min.js

151.101.129.229

200 OK

16 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.3.1/dist/js/bootstrap.min.js
IP
151.101.129.229:443
ASN
#54113 FASTLY

Requested by
https://help-verification-account.com/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
ASCII text, with very long lines (57791)
Size
16 kB (16459 bytes)
Hash
e1d98d47689e00f8ecbc5d9f61bdb42e
6778fed3cf095a318141a31f455c8f4663885bde
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

HTTP Headers

GET /npm/bootstrap@4.3.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.3.1
x-jsd-version-type: version
etag: W/"e2d8-Z3j+088JWjGBQaMfRVyPRmOIW94"
content-encoding: br
accept-ranges: bytes
date: Mon, 04 Dec 2023 22:13:16 GMT
age: 5250093
x-served-by: cache-fra-etou8220067-FRA, cache-bma1662-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16459
X-Firefox-Spdy: h2

help-verification-account.com/images/email-icon-circle-28.jpg

3.72.140.173

200 OK

64 kB

URL GET HTTP/2
help-verification-account.com/images/email-icon-circle-28.jpg
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
PNG image data, 2400 x 2400, 8-bit gray+alpha, non-interlaced\012- data
Size
64 kB (64005 bytes)
Hash
e2ec2d4b04985880f2b12ef8c92fae3e
9854092d156e4e9c25a46cf51a73e17aacce766a
726be1e116ab2ab6670d94751d0568c157a75f4e625989793fa8e9b77800caa0

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /images/email-icon-circle-28.jpg HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2683
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/jpeg
date: Mon, 04 Dec 2023 22:13:16 GMT
etag: "947aea08036b3dadacb62dff449d53ed-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGVE92R7JQ9CF3S7YV1GVV6G
content-length: 64005
X-Firefox-Spdy: h2

help-verification-account.com/images/newlogo1.png

3.72.140.173

200 OK

4.6 kB

URL GET HTTP/2
help-verification-account.com/images/newlogo1.png
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
PNG image data, 68 x 55, 8-bit/color RGBA, non-interlaced\012- data
Size
4.6 kB (4645 bytes)
Hash
4632b63ae6c52a32586fb3db3faf1167
7ee373c59fb93448c3d409d5683db9995570ce70
096988abc603ffc3519d70d6dcb0475bb60b72f2e490c804f03fbf111074deab

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /images/newlogo1.png HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2683
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/png
date: Mon, 04 Dec 2023 22:13:16 GMT
etag: "8c7cd3560b2be6520fbc66c05cc6223d-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGVE92RBB7K6FWBBX6DX414J
content-length: 4645
X-Firefox-Spdy: h2

help-verification-account.com/oo.js

3.72.140.173

200 OK

2.1 kB

URL GET HTTP/2
help-verification-account.com/oo.js
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
Unicode text, UTF-8 text, with CRLF line terminators
Size
2.1 kB (2143 bytes)
Hash
40227002ee270f3493062df9eb69a12b
5f20209072a3a82a02dbfcfada1f1e036de91b0b
ce29af251c4990bcb39c41c9f3801853c57bc8023e02992bccb9aa338450bce1

HTTP Headers

GET /oo.js HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2684
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: application/javascript; charset=UTF-8
date: Mon, 04 Dec 2023 22:13:16 GMT
etag: "205673db640b6442cadeee9bb76f8895-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01HGVE92RGJB474TGR9F712T10
content-length: 2143
X-Firefox-Spdy: h2

help-verification-account.com/images/favicon.ico

3.72.140.173

200 OK

5.4 kB

URL GET HTTP/2
help-verification-account.com/images/favicon.ico
IP
3.72.140.173:443
ASN
#16509 AMAZON-02

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subject*.help-verification-account.com
Fingerprint82:A2:D0:AE:D6:45:4A:5B:7B:F9:FD:5C:3B:7F:73:B3:F0:B8:63:30
ValidityMon, 04 Dec 2023 20:26:11 GMT - Sun, 03 Mar 2024 20:26:10 GMT

File type
MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
5.4 kB (5430 bytes)
Hash
de76b0c210c815ef282d5b59de8a0567
023038e2dfd649047be4fbba79c78dd80bc4cd90
c636a92a12eb33629e6dcadc67e49651ac54e8f3b18a03c805668505f05c885a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook

HTTP Headers

GET /images/favicon.ico HTTP/1.1
Host: help-verification-account.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
age: 2683
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-type: image/vnd.microsoft.icon
date: Mon, 04 Dec 2023 22:13:17 GMT
etag: "f7ce7c6e0ff274fd18f7d6189040a95b-ssl"
server: Netlify
strict-transport-security: max-age=31536000
x-nf-request-id: 01HGVE9352AP1B4EDQ1TRZKE01
content-length: 5430
X-Firefox-Spdy: h2

ipapi.co/ip

104.26.8.44

200 OK

12 B

URL GET HTTP/2
ipapi.co/ip
IP
104.26.8.44:443
ASN
#13335 CLOUDFLARENET

Requested by
https://help-verification-account.com/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint1C:DB:D6:56:6B:17:32:E7:56:AF:64:8D:07:3B:37:96:77:A8:FD:F1
ValiditySun, 16 Apr 2023 00:00:00 GMT - Mon, 15 Apr 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
35b0bce9d250429df012c0426f88d0bd
f81d80af9cbeb0011316fbba3da8002b32251f7a
da9add592d7eb9cca7705cb4870d7fd4e9718ccd51486c4261a727a8d566960d

HTTP Headers

GET /ip HTTP/1.1
Host: ipapi.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://help-verification-account.com
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Mon, 04 Dec 2023 22:13:17 GMT
content-type: text/plain; charset=utf-8
content-length: 12
allow: OPTIONS, OPTIONS, GET, POST, HEAD
x-frame-options: DENY
vary: Host, origin
access-control-allow-origin: https://help-verification-account.com
x-content-type-options: nosniff
referrer-policy: same-origin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2BXuehAeGuqZyjjS22Mc3Smf%2Fl5Fgbk1avF%2BxdrvIiy5Zb0cFhag7sa47cC2GcT8afQUrwwWnaaLOZbd8qKxCyG4TiEE1rPE%2BRKlE6aF6xTM%2Br1Rg4I%2Fq87N"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8307654f9fb70b61-OSL
X-Firefox-Spdy: h2

ipinfo.io//json?

34.117.59.81

200 OK

280 B

URL GET HTTP/2
ipinfo.io//json?
IP
34.117.59.81:443
ASN
#15169 GOOGLE

Requested by
https://help-verification-account.com/
Certificate
IssuerLet's Encrypt
Subjectipinfo.io
Fingerprint02:67:9A:BD:EB:E2:DF:E4:D3:87:6D:3B:B4:56:D4:77:D6:F3:61:E3
ValidityTue, 07 Nov 2023 06:17:02 GMT - Mon, 05 Feb 2024 06:17:01 GMT

File type
ASCII text, with very long lines (331), with no line terminators
Size
280 B (280 bytes)
Hash
1438617e5afe35240ea18211e338db01
89cd78f604e6cbe17941a252074a02a4a01e4f44
3ea7df984d0727ca5eddf1c01b8f584629a1fb93caa8c0b581e5835ede012c1d

HTTP Headers

GET //json? HTTP/1.1
Host: ipinfo.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://help-verification-account.com
DNT: 1
Connection: keep-alive
Referer: https://help-verification-account.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-type: application/json; charset=utf-8
date: Mon, 04 Dec 2023 22:13:17 GMT
x-envoy-upstream-service-time: 2
strict-transport-security: max-age=2592000; includeSubDomains
vary: Accept-Encoding
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (13)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size