submit-verification-form.vercel.app
76.76.21.93  Malicious Activity! Public Scan

URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Submission Tags: @phish_report
Submission: On March 23 via api from FI — Scanned from FI

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 6 HTTP transactions. The main IP is 76.76.21.93, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is submit-verification-form.vercel.app.
TLS certificate: Issued by R3 on February 14th 2024. Valid for: 3 months.
This is the only time submit-verification-form.vercel.app was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

Requests | IP Address | AS Autonomous System
4 | 76.76.21.93 | 16509 (AMAZON-02)
2 | 202.165.249.81 | 23674 (NAYATEL-P...)
Total: 6 requests, 2 IPs

Requests | Apex Domain / Subdomains | Transfer
4 | vercel.app: submit-verification-form.vercel.app | 1 MB
2 | fbcdn.net: scontent.fisb1-2.fna.fbcdn.net — Cisco Umbrella Rank: 685457 | 21 KB
Total: 6 requests, 2 apex domains

Requests | Domain | Requested by
4 | submit-verification-form.vercel.app | submit-verification-form.vercel.app
2 | scontent.fisb1-2.fna.fbcdn.net |
Total: 6 requests, 2 domains

This site contains no links.

Subject | Issuer | Validity | Valid
*.vercel.app | R3 | 2024-02-14 - 2024-05-14 | 3 months
*.fisb1-2.fna.fbcdn.net | DigiCert SHA2 High Assurance Server CA | 2024-01-29 - 2024-04-28 | 3 months

This page contains 1 frame:

Primary Page: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Frame ID: E5AE6D9B68BDB4ED44B1948E882A39A0
Requests: 6 HTTP requests in this frame

Page Title

Meta Verified | Get a verified blue tick

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 1080 kB
Size: 1402 kB
Cookies: 0

6 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request /
Path: submit-verification-form.vercel.app/
Size: 698 B
x-fer: 949 B
Type: Document

General
Full URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS:
Software: Vercel /
Resource Hash: 8f811e24191785bcf3aa074c6d5118f8407d9cb544ec69917c0613f9bf45ea51

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers
accept-ranges: bytes
access-control-allow-origin: *
age: 93630
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-length: 698
content-type: text/html; charset=utf-8
date: Sat, 23 Mar 2024 12:13:22 GMT
etag: "b1d91de32291e95c0a4470721dbd4f9a"
server: Vercel
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-vercel-cache: HIT
x-vercel-id: arn1::89bqt-1711196002492-b711eaa92956

main.e43c5621.js
Path: submit-verification-form.vercel.app/static/js/
Size: 199 KB
x-fer: 70 KB
Type: Script

General
Full URL: https://submit-verification-form.vercel.app/static/js/main.e43c5621.js
Requested by:
  Host: submit-verification-form.vercel.app
  URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS:
Software: Vercel /
Resource Hash: 1b9a437f5c37666dcc3fa1393bd51ccc2b339a9c35ef7928b5bf16797aa9b6fe

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers
accept-language: fi-FI,fi;q=0.9
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
date: Sat, 23 Mar 2024 12:13:22 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: arn1::89bqt-1711196002621-076fa6fb3fb4
age: 93630
etag: W/"a1b3078c296c2609d0b7daa6b42099d9"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.e43c5621.js"

main.77448935.css
Path: submit-verification-form.vercel.app/static/css/
Size: 230 KB
x-fer: 36 KB
Type: Stylesheet

General
Full URL: https://submit-verification-form.vercel.app/static/css/main.77448935.css
Requested by:
  Host: submit-verification-form.vercel.app
  URL: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS:
Software: Vercel /
Resource Hash: 75d044af1f507a9ed0ce5699c126394ad173ddc1391a3d782c37d74481e8b429

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers
accept-language: fi-FI,fi;q=0.9
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
date: Sat, 23 Mar 2024 12:13:22 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: arn1::k8tbc-1711196002621-e8ae72526163
age: 93630
etag: W/"6ff82b22cb40582cbc5abd31914eca66"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="main.77448935.css"

meta-logo-primary_standardsize.svg
Path: scontent.fisb1-2.fna.fbcdn.net/v/t39.8562-6/252294889_575082167077436_6034106545912333281_n.svg/
Size: 14 KB
x-fer: 14 KB
Type: Image

General
Full URL: https://scontent.fisb1-2.fna.fbcdn.net/v/t39.8562-6/252294889_575082167077436_6034106545912333281_n.svg/meta-logo-primary_standardsize.svg?_nc_cat=1&ccb=1-7&_nc_sid=e280be&_nc_ohc=qjnPXH1yBLcAX9WyUO3&_nc_ht=scontent.fisb1-2.fna&oh=00_AfAdvOf_AF1-MuGM9ca-LaGtAhc78isnT6prkL77uDzdZw&oe=65FFB0B9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.165.249.81, Pakistan, ASN23674 (NAYATEL-PK Nayatel Pvt Ltd, PK)
Reverse DNS:
Software: /
Resource Hash: 8940d7ecc943da6891bda1c87e0d479b9d791d78ac479d4210163afaa4ef2391

Request headers
accept-language: fi-FI,fi;q=0.9
Referer: https://submit-verification-form.vercel.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
x-fb-connection-quality: MODERATE; q=0.3, rtt=197, rtx=0, c=14, mss=1392, tbw=3338, tp=-1, tpl=-1, uplat=0, ullat=-1
date: Sat, 23 Mar 2024 12:13:24 GMT
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Mon, 01 Nov 2021 18:10:49 GMT
content-type: image/svg+xml
access-control-allow-origin: *
content-digest: adler32=845204493
thrift_fmhk: GBC22BLbvnnvu8qOWhOsTcaAFeq3uckLvFUAAAA=
cache-control: max-age=1209600, no-transform
cross-origin-resource-policy: cross-origin
x-needle-checksum: 845204493
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=86400
content-length: 13990

375593064_778731280602001_6601361369208148137_n.png
Path: scontent.fisb1-2.fna.fbcdn.net/v/t39.8562-6/
Size: 7 KB
x-fer: 7 KB
Type: Image

General
Full URL: https://scontent.fisb1-2.fna.fbcdn.net/v/t39.8562-6/375593064_778731280602001_6601361369208148137_n.png?_nc_cat=106&ccb=1-7&_nc_sid=f537c7&_nc_ohc=BfyJVd63bX8AX__1ROy&_nc_oc=AdiqqR9P3zxO9tnlFGFoX-EAAkZa_50t4onbkf2tOj6WD2HMQnne1D31vwYsly0zQSZy7LIx34NCfPGRcN5x_BeS&_nc_ht=scontent.fisb1-2.fna&oh=00_AfDnVBW2cYFjCeX5w3azkuP7Y3nHEPg__m-DIMNvose3xA&oe=65FFE48B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 202.165.249.81, Pakistan, ASN23674 (NAYATEL-PK Nayatel Pvt Ltd, PK)
Reverse DNS:
Software: /
Resource Hash: 6afa71ffe1c81cf6fc9580312d8543be200b24a6dbae24784617cb595117e092

Request headers
accept-language: fi-FI,fi;q=0.9
Referer: https://submit-verification-form.vercel.app/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
date: Sat, 23 Mar 2024 12:13:24 GMT
content-digest: adler32=2543240437
thrift_fmhk: GBA0mteFlkcMzQT7MjGH908vFfDr4Z0EvFUAAAA=
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6899
x-fb-connection-quality: MODERATE; q=0.3, rtt=197, rtx=0, c=14, mss=1392, tbw=2751, tp=-1, tpl=-1, uplat=0, ullat=-1
x-storage-error-category: dfs:none;sc_p:200:WSE_NOT_SET
last-modified: Thu, 07 Sep 2023 21:33:33 GMT
x-fb-congestion-signal: congestion-delay:103;congestion-delay-p50:45;congestion-delay-mean:72;congestion-delay-stddev:70;total-samples:2456;dispersion-samples:862;num-congested-samples:1;num-single-packet-samples:0;
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=1209600, no-transform
x-needle-checksum: 2543240437
accept-ranges: bytes
timing-allow-origin: *

mainlogo.1e021de7020fcdab170b.png
Path: submit-verification-form.vercel.app/static/media/
Size: 951 KB
x-fer: 952 KB
Type: Image

General
Full URL: https://submit-verification-form.vercel.app/static/media/mainlogo.1e021de7020fcdab170b.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 76.76.21.93 Walnut, United States, ASN16509 (AMAZON-02, US)
Reverse DNS:
Software: Vercel /
Resource Hash: 4069598637608e9a55ca1eb4736eb6953521fc9f335fa4305d15d4b647a6415d

Security Headers
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload

Request headers
accept-language: fi-FI,fi;q=0.9
Referer: https://submit-verification-form.vercel.app/?fbclid=IwAR3nbcmdSt7i7f9Lb0-3I4zyMI2lAV2huyVH5IgXW6meANsqMC_51FV3kG8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers
date: Sat, 23 Mar 2024 12:13:23 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: Vercel
x-vercel-id: arn1::jg9z8-1711196002891-9c597e032af6
age: 0
etag: "c934da73d7f76bce6ca5b5e3238df97f"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: s-maxage=31536000, immutable
content-disposition: inline; filename="mainlogo.1e021de7020fcdab170b.png"
accept-ranges: bytes
content-length: 974323

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header | Value
Strict-Transport-Security | max-age=63072000; includeSubDomains; preload