vzweb.support-verizon.com Open in urlscan Pro
51.91.193.174  Malicious Activity! Public Scan

URL: https://vzweb.support-verizon.com/
Submission: On September 08 via automatic, source certstream-suspicious

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 10 HTTP transactions. The main IP is 51.91.193.174, located in France and belongs to OVH, FR. The main domain is vzweb.support-verizon.com.
TLS certificate: Issued by localhost on November 10th 2009. Valid for: 10 years.
This is the only time vzweb.support-verizon.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Verizon (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
8 51.91.193.174 16276 (OVH)
1 137.188.98.37 12079 (CELLCO-PART)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
10 4
Domain Requested by
8 vzweb.support-verizon.com vzweb.support-verizon.com
1 cdn.000webhost.com vzweb.support-verizon.com
1 cim.verizonwireless.com vzweb.support-verizon.com
10 3

This site contains links to these domains. Also see Links.

Domain
www.000webhost.com
Subject Issuer Validity Valid
localhost
localhost
2009-11-10 -
2019-11-08
10 years crt.sh
cim-dr.verizonwireless.com
DigiCert Baltimore CA-2 G2
2019-07-18 -
2021-07-21
2 years crt.sh
*.000webhost.com
COMODO RSA Domain Validation Secure Server CA
2018-10-19 -
2020-12-17
2 years crt.sh

This page contains 1 frames:

Primary Page: https://vzweb.support-verizon.com/
Frame ID: 0750206583583EE874E8E8C0A6F27F14
Requests: 11 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /php\/?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /Win32|Win64/i

Overall confidence: 100%
Detected patterns
  • headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery-ui.*\.js/i

Overall confidence: 100%
Detected patterns
  • script /jquery-ui.*\.js/i

Page Statistics

10
Requests

20 %
HTTPS

33 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

857 kB
Transfer

854 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vzweb.support-verizon.com/
8 KB
8 KB
Document
General
Full URL
https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 / PHP/7.3.8
Resource Hash
621d3bf817a19ebec69f5691ccc8bfd788931ac8d0f18ae5df1c49a27edf71cd

Request headers

Host
vzweb.support-verizon.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
none
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
X-Powered-By
PHP/7.3.8
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
grid.css
vzweb.support-verizon.com/files/
69 KB
69 KB
Stylesheet
General
Full URL
https://vzweb.support-verizon.com/files/grid.css
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
2a90189ce85f34909c5df21a91afa9133140938ac1636d094477a300efce9c54

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Wed, 28 Aug 2019 01:53:05 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"11343-59123a66f325a"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
70467
styles.css
vzweb.support-verizon.com/files/
133 KB
133 KB
Stylesheet
General
Full URL
https://vzweb.support-verizon.com/files/styles.css
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
fbb32588bf37bec33d3906a5a69b007e4862538c546aca36c767b78871eafae5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Wed, 28 Aug 2019 01:53:07 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"21257-59123a685d8ab"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
135767
jquery.js
vzweb.support-verizon.com/files/
86 KB
86 KB
Script
General
Full URL
https://vzweb.support-verizon.com/files/jquery.js
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
2b381363dda049f2d49a59037b228bc865d51ffb977c8f5c3547d5c28de48e3a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Wed, 28 Aug 2019 01:53:05 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"15851-59123a66d4a14"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
88145
jquery-ui.js
vzweb.support-verizon.com/files/
527 KB
527 KB
Script
General
Full URL
https://vzweb.support-verizon.com/files/jquery-ui.js
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
0bad7e3a8031272f74e25e91d73f50a3e90f9726df30b38823b94f956ea82c67

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Fri, 06 Sep 2019 00:14:54 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"83b1b-591d753e19687"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
539419
js.js
vzweb.support-verizon.com/files/
4 KB
4 KB
Script
General
Full URL
https://vzweb.support-verizon.com/files/js.js
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
2d908ee4f1f3187022b041cd05c91d19ca71826c6548331630f3cc934f8644ac

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Sun, 08 Sep 2019 02:35:59 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"fbc-59201881a1882"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4028
base64.js
vzweb.support-verizon.com/files/
2 KB
2 KB
Script
General
Full URL
https://vzweb.support-verizon.com/files/base64.js
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
41fbb38878d5031c0d44123ba7923dbaba0c6f933bcffa2a3ae0a97c656aba48

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Fri, 06 Sep 2019 00:26:00 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"642-591d77b8bb7c7"
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1602
verizonlogo_desktop_163x37.png
cim.verizonwireless.com/static/images/
2 KB
2 KB
Image
General
Full URL
https://cim.verizonwireless.com/static/images/verizonlogo_desktop_163x37.png
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
137.188.98.37 , United States, ASN12079 (CELLCO-PART - Cellco Partnership DBA Verizon Wireless, US),
Reverse DNS
ohtwbgdinet25-ns-cim-tdc.verizonwireless.com
Software
Apache/2.4.39 (Unix) mod_python/3.4.1- Python/2.7.11 /
Resource Hash
29df4ea9f48c7c837caaeda24ed02af505e6ba548fdea9152461766006231195

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Wed, 26 Sep 2018 18:56:34 GMT
Server
Apache/2.4.39 (Unix) mod_python/3.4.1- Python/2.7.11
ETag
"6be-576cac7f9b929"
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1726
footer-powered-by-000webhost-white2.png
cdn.000webhost.com/000webhost/logo/
2 KB
2 KB
Image
General
Full URL
https://cdn.000webhost.com/000webhost/logo/footer-powered-by-000webhost-white2.png
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:442e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
86f2673ec74a632865109a76b2232f4f5b3587daa219e07a17ef1d9c76a0fda5
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 08 Sep 2019 03:16:33 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
age
631
cf-polished
origFmt=png, origSize=2046
status
200
content-disposition
inline; filename="footer-powered-by-000webhost-white2.webp"
x-hostinger-datacenter
srv
vary
Accept
content-length
1696
x-xss-protection
1; mode=block
last-modified
Fri, 06 Sep 2019 13:10:19 GMT
server
cloudflare
x-frame-options
sameorigin
etag
"5d725abb-7fe"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=2592000
content-type
image/webp
expires
Sun, 08 Sep 2019 07:16:33 GMT
cache-control
public, max-age=14400
x-hostinger-node
nl-srv-cdn2
accept-ranges
bytes
cf-ray
512dc3ab6ba159b8-VIE
cf-bgj
imgq:100
mobile.css
vzweb.support-verizon.com/files/
23 KB
23 KB
Stylesheet
General
Full URL
https://vzweb.support-verizon.com/files/mobile.css
Requested by
Host: vzweb.support-verizon.com
URL: https://vzweb.support-verizon.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
51.91.193.174 , France, ASN16276 (OVH, FR),
Reverse DNS
ip174.ip-51-91-193.eu
Software
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8 /
Resource Hash
6c3e81bfbdcc51959d83c088603279c9adaf2f45a2905d41abdefb6ab281dddb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://vzweb.support-verizon.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 08 Sep 2019 03:16:33 GMT
Last-Modified
Wed, 28 Aug 2019 01:53:06 GMT
Server
Apache/2.4.39 (Win64) OpenSSL/1.1.1c PHP/7.3.8
ETag
"5b1c-59123a67a66fa"
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
23324
truncated
/
137 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
468db6fbdec1729aaf400ce462ed0e1c27994d9613a3dfa5cc12e66f9cd9efa8

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Verizon (Telecommunication)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| rsaValidation function| goHome function| openRSA object| Base64

0 Cookies