vzweb.support-verizon.com
Open in
urlscan Pro
51.91.193.174
Malicious Activity!
Public Scan
Submission: On September 08 via automatic, source certstream-suspicious
Summary
TLS certificate: Issued by localhost on November 10th 2009. Valid for: 10 years.
This is the only time vzweb.support-verizon.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Verizon (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
8 | 51.91.193.174 51.91.193.174 | 16276 (OVH) (OVH) | |
1 | 137.188.98.37 137.188.98.37 | 12079 (CELLCO-PART) (CELLCO-PART - Cellco Partnership DBA Verizon Wireless) | |
1 | 2606:4700:10:... 2606:4700:10::6814:442e | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
10 | 4 |
ASN12079 (CELLCO-PART - Cellco Partnership DBA Verizon Wireless, US)
PTR: ohtwbgdinet25-ns-cim-tdc.verizonwireless.com
cim.verizonwireless.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.000webhost.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
8 |
support-verizon.com
vzweb.support-verizon.com |
853 KB |
1 |
000webhost.com
cdn.000webhost.com |
2 KB |
1 |
verizonwireless.com
cim.verizonwireless.com |
2 KB |
10 | 3 |
Domain | Requested by | |
---|---|---|
8 | vzweb.support-verizon.com |
vzweb.support-verizon.com
|
1 | cdn.000webhost.com |
vzweb.support-verizon.com
|
1 | cim.verizonwireless.com |
vzweb.support-verizon.com
|
10 | 3 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.000webhost.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
localhost localhost |
2009-11-10 - 2019-11-08 |
10 years | crt.sh |
cim-dr.verizonwireless.com DigiCert Baltimore CA-2 G2 |
2019-07-18 - 2021-07-21 |
2 years | crt.sh |
*.000webhost.com COMODO RSA Domain Validation Secure Server CA |
2018-10-19 - 2020-12-17 |
2 years | crt.sh |
This page contains 1 frames:
Primary Page:
https://vzweb.support-verizon.com/
Frame ID: 0750206583583EE874E8E8C0A6F27F14
Requests: 11 HTTP requests in this frame
Screenshot
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
Windows Server (Operating Systems) Expand
Detected patterns
- headers server /Win32|Win64/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery-ui.*\.js/i
jQuery UI (JavaScript Libraries) Expand
Detected patterns
- script /jquery-ui.*\.js/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
vzweb.support-verizon.com/ |
8 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
grid.css
vzweb.support-verizon.com/files/ |
69 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
styles.css
vzweb.support-verizon.com/files/ |
133 KB 133 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
vzweb.support-verizon.com/files/ |
86 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-ui.js
vzweb.support-verizon.com/files/ |
527 KB 527 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
js.js
vzweb.support-verizon.com/files/ |
4 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
base64.js
vzweb.support-verizon.com/files/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
verizonlogo_desktop_163x37.png
cim.verizonwireless.com/static/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/ |
2 KB 2 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
mobile.css
vzweb.support-verizon.com/files/ |
23 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
137 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Verizon (Telecommunication)6 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| rsaValidation function| goHome function| openRSA object| Base640 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.000webhost.com
cim.verizonwireless.com
vzweb.support-verizon.com
137.188.98.37
2606:4700:10::6814:442e
51.91.193.174
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67
29df4ea9f48c7c837caaeda24ed02af505e6ba548fdea9152461766006231195
2a90189ce85f34909c5df21a91afa9133140938ac1636d094477a300efce9c54
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a
2d908ee4f1f3187022b041cd05c91d19ca71826c6548331630f3cc934f8644ac
41fbb38878d5031c0d44123ba7923dbaba0c6f933bcffa2a3ae0a97c656aba48
468db6fbdec1729aaf400ce462ed0e1c27994d9613a3dfa5cc12e66f9cd9efa8
621d3bf817a19ebec69f5691ccc8bfd788931ac8d0f18ae5df1c49a27edf71cd
6c3e81bfbdcc51959d83c088603279c9adaf2f45a2905d41abdefb6ab281dddb
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
fbb32588bf37bec33d3906a5a69b007e4862538c546aca36c767b78871eafae5