submit-verification-form.vercel.app
76.76.21.98 Malicious Activity! Public Scan

URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Submission: On April 07 via automatic, source phishtank — Scanned from DE

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 7 HTTP transactions. The main IP is 76.76.21.98, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is submit-verification-form.vercel.app.
TLS certificate: Issued by R3 on February 14th 2024. Valid for: 3 months.
This is the only time submit-verification-form.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests  IP Address        AS Autonomous System
5         76.76.21.98       16509 (AMAZON-02)
2         2407:d000:0:1...  23674 (NAYATEL-P...)
Total: 7 requests, 2 IPs

Requests  Apex Domain  Subdomains                                                               Transfer
5         vercel.app   submit-verification-form.vercel.app                                      1 MB
2         fbcdn.net    scontent.fisb17-1.fna.fbcdn.net (Cisco Umbrella Rank: 625163)            21 KB
Total: 7 requests, 2 apex domains

Requests  Domain                               Requested by
5         submit-verification-form.vercel.app  submit-verification-form.vercel.app
2         scontent.fisb17-1.fna.fbcdn.net
Total: 7 requests, 2 domains

This site contains no links.

Subject                   Issuer                                  Validity                 Valid
*.vercel.app              R3                                      2024-02-14 - 2024-05-14  3 months
*.fisb17-1.fna.fbcdn.net  DigiCert SHA2 High Assurance Server CA  2024-03-24 - 2024-06-22  3 months

This page contains 1 frames:

Primary Page: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Frame ID: A43CF0BFB3917716F5CE8F4CDACA5AED
Requests: 7 HTTP requests in this frame

Page Title

Meta Verified | Get a verified blue tick

Page Statistics

Requests: 7
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1191 kB
Size: 1513 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource: Primary Request /
Path: submit-verification-form.vercel.app/
Size: 698 B
x-fer: 950 B
Type: Document

General
Full URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS:
Software: Vercel /
Resource Hash: 471318c4ee7383665ca7a58718030108719034ca1c7bf04d315941199269278f

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: de-DE,de;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 104924
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-length: 698
content-type: text/html; charset=utf-8
date: Sun, 07 Apr 2024 21:36:45 GMT
etag: "197c5b4e649920272ca15b4b9ee6b969"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: fra1::dt7m5-1712525805620-954de684aa0f

Resource: main.c52f47da.js
Path: submit-verification-form.vercel.app/static/js/
Size: 199 KB
x-fer: 70 KB
Type: Script

General
Full URL: https://submit-verification-form.vercel.app/static/js/main.c52f47da.js
Requested by
  Host: submit-verification-form.vercel.app
  URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS:
Software: Vercel /
Resource Hash: 56df4472b045873dd321993324fef3e1cbccbc7e31ee1f44a7b97b7932a6378e

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 21:36:45 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::zmjsr-1712525805676-47dd86d25fc5
age: 15438
etag: W/"7ce3edbb0e5a06e14fabae87c4ee8525"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.c52f47da.js"

Resource: main.77448935.css
Path: submit-verification-form.vercel.app/static/css/
Size: 230 KB
x-fer: 36 KB
Type: Stylesheet

General
Full URL: https://submit-verification-form.vercel.app/static/css/main.77448935.css
Requested by
  Host: submit-verification-form.vercel.app
  URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS:
Software: Vercel /
Resource Hash: 75d044af1f507a9ed0ce5699c126394ad173ddc1391a3d782c37d74481e8b429

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 21:36:45 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::26pdl-1712525805676-a2e84c3144ad
age: 15438
etag: W/"6ff82b22cb40582cbc5abd31914eca66"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.77448935.css"

Resource: meta-logo-primary_standardsize.svg
Path: scontent.fisb17-1.fna.fbcdn.net/v/t39.8562-6/252294889_575082167077436_6034106545912333281_n.svg/
Size: 14 KB
x-fer: 14 KB
Type: Image

General
Full URL: https://scontent.fisb17-1.fna.fbcdn.net/v/t39.8562-6/252294889_575082167077436_6034106545912333281_n.svg/meta-logo-primary_standardsize.svg?_nc_cat=1&ccb=1-7&_nc_sid=e280be&_nc_ohc=mLbGeIj8iaIAb7LbfFP&_nc_ht=scontent.fisb17-1.fna&oh=00_AfBODigVwokWywnDdfmmZJRDnPHrPtWL29dmMQjho-aClA&oe=66173379
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2407:d000:0:106:face:b00c:0:a7 Islamabad, Pakistan, ASN23674 (NAYATEL-PK Nayatel Pvt Ltd, PK),
Reverse DNS:
Software: /
Resource Hash: 8940d7ecc943da6891bda1c87e0d479b9d791d78ac479d4210163afaa4ef2391

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-verification-form.vercel.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 21:36:46 GMT
content-digest: adler32=845204493
thrift_fmhk: GBBafvRaed3TXIvkw71EtikeFeq3uckLvFUAAAA=
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13990
x-fb-connection-quality: MODERATE; q=0.3, rtt=230, rtx=0, c=12, mss=1294, tbw=10321, tp=-1, tpl=-1, uplat=1, ullat=-1
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 01 Nov 2021 18:10:49 GMT
x-fb-congestion-signal: congestion-delay:98;congestion-delay-p50:55;congestion-delay-mean:122;congestion-delay-stddev:281;total-samples:5079;dispersion-samples:1069;num-congested-samples:0;num-single-packet-samples:0;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 845204493
accept-ranges: bytes
timing-allow-origin: *

Resource: 375593064_778731280602001_6601361369208148137_n.png
Path: scontent.fisb17-1.fna.fbcdn.net/v/t39.8562-6/
Size: 7 KB
x-fer: 7 KB
Type: Image

General
Full URL: https://scontent.fisb17-1.fna.fbcdn.net/v/t39.8562-6/375593064_778731280602001_6601361369208148137_n.png?_nc_cat=106&ccb=1-7&_nc_sid=f537c7&_nc_ohc=Y2YkYj8CGDAAb4fttPd&_nc_oc=AdhG4yoNrgC26LXT2utREC0cYt0rWgB6tzMI4r_h5iDx9MHGgm5-C_C-h4TjJrm8yiI&_nc_ht=scontent.fisb17-1.fna&oh=00_AfA7dVOTGUzSglTTR-kqpa1qZLfGwAYZUbaREBej-B8IgA&oe=66172F0B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2407:d000:0:106:face:b00c:0:a7 Islamabad, Pakistan, ASN23674 (NAYATEL-PK Nayatel Pvt Ltd, PK),
Reverse DNS:
Software: /
Resource Hash: 6afa71ffe1c81cf6fc9580312d8543be200b24a6dbae24784617cb595117e092

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-verification-form.vercel.app/
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 21:36:46 GMT
content-digest: adler32=2543240437
thrift_fmhk: GBACGzZxyo1jJB+jsrlXdZRgFfDr4Z0EvFUAAAA=
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6899
x-fb-connection-quality: MODERATE; q=0.3, rtt=230, rtx=0, c=12, mss=1294, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=-1
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 07 Sep 2023 21:33:33 GMT
x-fb-congestion-signal: congestion-delay:206;congestion-delay-p50:97;congestion-delay-mean:130;congestion-delay-stddev:106;total-samples:6705;dispersion-samples:955;num-congested-samples:0;num-single-packet-samples:1;
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2543240437
accept-ranges: bytes
timing-allow-origin: *

Resource: logo%20512.png
Path: submit-verification-form.vercel.app/
Size: 111 KB
x-fer: 112 KB
Type: Other

General
Full URL: https://submit-verification-form.vercel.app/logo%20512.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS:
Software: Vercel /
Resource Hash: 5341e7bc11af3185c192ff627ea006dcc56dcdd7582fa71984f99b500ae0cd07

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 21:36:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::l8kt4-1712525805806-e3cea96310fa
age: 11995
etag: "e4ca07f2a4d6fecc3127e8c306539df1"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="logo 512.png"
accept-ranges: bytes
content-length: 114114

Resource: mainlogo.1e021de7020fcdab170b.png
Path: submit-verification-form.vercel.app/static/media/
Size: 951 KB
x-fer: 952 KB
Type: Image

General
Full URL: https://submit-verification-form.vercel.app/static/media/mainlogo.1e021de7020fcdab170b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS:
Software: Vercel /
Resource Hash: 4069598637608e9a55ca1eb4736eb6953521fc9f335fa4305d15d4b647a6415d

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
accept-language: de-DE,de;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 07 Apr 2024 21:36:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: fra1::n4l6v-1712525805812-15f8e06a8cb2
age: 15437
etag: "c934da73d7f76bce6ca5b5e3238df97f"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="mainlogo.1e021de7020fcdab170b.png"
accept-ranges: bytes
content-length: 974323

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload