verificationhelp-center.gq
2606:4700:3034::ac43:a26b  Public Scan

URL: https://verificationhelp-center.gq/
Submission: On April 21 via automatic, source certstream-suspicious

Summary

This website contacted 5 IPs in 4 countries across 5 domains to perform 5 HTTP transactions. The main IP is 2606:4700:3034::ac43:a26b, located in United States and belongs to CLOUDFLARENET, US. The main domain is verificationhelp-center.gq.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 21st 2021. Valid for: a year.
This is the only time verificationhelp-center.gq was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 2606:4700:303... | 13335 (CLOUDFLAR...)
1 | 162.159.133.233 | 13335 (CLOUDFLAR...)
1 | 162.159.130.232 | 13335 (CLOUDFLAR...)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 94.73.151.195 | 34619 (CIZGI)
5 | 5

Requests | Domain | Requested by
1 | www.trendweek.com | verificationhelp-center.gq
1 | encrypted-tbn0.gstatic.com | verificationhelp-center.gq
1 | media.discordapp.net | verificationhelp-center.gq
1 | cdn.discordapp.com | verificationhelp-center.gq
1 | verificationhelp-center.gq |
5 | 5

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-04-21 - 2022-04-20 | a year
discordapp.net | Cloudflare Inc ECC CA-3 | 2020-12-04 - 2021-12-03 | a year
*.gstatic.com | GTS CA 1O1 | 2021-03-23 - 2021-06-15 | 3 months
www.trendweek.com | RapidSSL RSA CA 2018 | 2019-09-09 - 2021-09-08 | 2 years

This page contains 1 frames:

Primary Page: https://verificationhelp-center.gq/
Frame ID: CFA41182C95FCD662721D5FA0C0C506E
Requests: 5 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 5
HTTPS: 100 %
IPv6: 40 %
Domains: 5
Subdomains: 5
IPs: 5
Countries: 4
Transfer: 520 kB
Size: 519 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

5 HTTP transactions

Resource: Primary Request /
Path: verificationhelp-center.gq/
Size: 3 KB
x-fer: 2 KB
Type: Document

General
Full URL: https://verificationhelp-center.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:a26b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare / PHP/5.6.38 ASP.NET
Resource Hash: 24bd38b5260fc39dae395bfe19925796833f3bbc5780a86a1643501743693482

Request headers

:method: GET
:authority: verificationhelp-center.gq
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US

Response headers

date: Wed, 21 Apr 2021 01:35:11 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d72d2ceb9e38f7d85e3c82196e71073621618968911; expires=Fri, 21-May-21 01:35:11 GMT; path=/; domain=.verificationhelp-center.gq; HttpOnly; SameSite=Lax; Secure ARRAffinity=92bb8b41a3989bbf4423cb3a34b5e79c8d627041e25e2d58ceccf369ec623046;Path=/;Domain=verificationhelp-center.gq
vary: Accept-Encoding
x-powered-by: PHP/5.6.38 ASP.NET
cf-cache-status: DYNAMIC
cf-request-id: 0993aa36120000535dc61fa000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8wUsn%2BNJMujWIH%2B8zOUAm5hhflT8s5faZB2DT%2FUeW0P%2F8ralTzMQxlEL2cy%2Frtf6IJkcbL%2FtRhdygHKN%2FrxkQGtY%2F3qwO%2FCIsm0rAkOK9CO84mO8L%2FdkUphhEsINNYML%2FT4AmFgE2g%3D%3D"}],"max_age":604800,"group":"cf-nel"}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 6432dfd0197c535d-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Resource: sadasdasd.png
Path: cdn.discordapp.com/attachments/816942145839038484/823112630981885952/
Size: 6 KB
x-fer: 7 KB
Type: Image

General
Full URL: https://cdn.discordapp.com/attachments/816942145839038484/823112630981885952/sadasdasd.png
Requested by:
  Host: verificationhelp-center.gq
  URL: https://verificationhelp-center.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.133.233 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 98f05227be484074f46ceadea84463b984100426e231d5267862ed0b8afd7f64

Request headers

Referer: https://verificationhelp-center.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=U/AhIw==, md5=3DWMYb4+YjxrFLS2sHhrUQ==
date: Wed, 21 Apr 2021 01:35:12 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABg5-UyjLy6LrdsRPxam2PKJ2eJwuTCuc8dD8m_ls7MCUU6N_XoDsLC6Y9vRhao_eHX0jGEVO2mA2Vt6IkPxAmTHfkE
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6187
cf-request-id: 0993aa386f0000268124084000000001
last-modified: Sun, 21 Mar 2021 08:35:43 GMT
server: cloudflare
cache-control: public, max-age=31536000
etag: "dc358c61be3e623c6b14b4b6b0786b51"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u2YhbZYKI0alpXdXcikO2OPCUzbf2aCOD3qkH9xloV07zl%2B8vXovepJqyVkfTKKpzJCrg0QdZW1eYwqGRr6jqauWqqVf8gkAdmCJB820D375VcQ%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1616315743937824
content-type: image/png
x-robots-tag: noindex, nofollow, noarchive, nocache, noimageindex, noodp
x-goog-stored-content-length: 6187
accept-ranges: bytes
cf-ray: 6432dfd3ec9a2681-TXL
expires: Thu, 21 Apr 2022 01:35:12 GMT

Resource: asdsadasasdas.jpg
Path: media.discordapp.net/attachments/818131688076738570/819939000881643587/
Size: 12 KB
x-fer: 13 KB
Type: Image

General
Full URL: https://media.discordapp.net/attachments/818131688076738570/819939000881643587/asdsadasasdas.jpg?width=458&height=458
Requested by:
  Host: verificationhelp-center.gq
  URL: https://verificationhelp-center.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.159.130.232 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: b30018b17c53d0a3a96ec3845030cb7443b7d84b6276bfe69041f3026efe1997

Request headers

Referer: https://verificationhelp-center.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 01:35:12 GMT
cf-cache-status: MISS
nel: {"report_to":"cf-nel","max_age":604800}
x-envoy-upstream-service-time: 23
content-length: 12785
cf-request-id: 0993aa38700000266de98e3000000001
last-modified: Fri, 12 Mar 2021 14:24:51 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rPMAc3GgFwGhahqe5QpI0XRK%2Fa%2B3jxmuB8MiVwWCUQb50wGIdsCqzIq6UTGyJ3lLJL%2B9oOhP%2FrIl3IhgeNDLHvviZrH8Bod9Qr02EG9BaFWgTQDtCQ%3D%3D"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6432dfd3ebd9266d-TXL
expires: Thu, 21 Apr 2022 01:35:12 GMT

Resource: images
Path: encrypted-tbn0.gstatic.com/
Size: 5 KB
x-fer: 6 KB
Type: Image

General
Full URL: https://encrypted-tbn0.gstatic.com/images?q=tbn:ANd9GcQOGyfYD5v4PyDwcPi2ZdeQRufSBcpTSsVB7g&usqp=CAU
Requested by:
  Host: verificationhelp-center.gq
  URL: https://verificationhelp-center.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS:
Software: sffe /
Resource Hash: 55ed4cd057c5a917349a38c8005e351cc70462220d2264d1094c188f514d36cd

Security Headers
Name | Value
X-Content-Type-Options | nosniff
X-Xss-Protection | 0

Request headers

Referer: https://verificationhelp-center.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 01:35:11 GMT
x-content-type-options: nosniff
last-modified: Wed, 28 Aug 2019 12:46:19 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5393
x-xss-protection: 0
expires: Thu, 21 Apr 2022 01:35:11 GMT

Resource: facebook-new-company-logo.gif
Path: www.trendweek.com/wp-content/uploads/2019/11/
Size: 492 KB
x-fer: 493 KB
Type: Image

General
Full URL: https://www.trendweek.com/wp-content/uploads/2019/11/facebook-new-company-logo.gif
Requested by:
  Host: verificationhelp-center.gq
  URL: https://verificationhelp-center.gq/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 94.73.151.195 , Turkey, ASN34619 (CIZGI, TR),
Reverse DNS: cpls34.srvpanel.com
Software: LiteSpeed /
Resource Hash: faa4d1beb87580c6bf7b2497fd8aaeb00d75e39f2d3f710733503d8551ff3b1c

Request headers

Referer: https://verificationhelp-center.gq/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 01:35:12 GMT
last-modified: Thu, 14 Jan 2021 11:17:25 GMT
server: LiteSpeed
vary: User-Agent
content-type: image/gif
cache-control: public, max-age=15552000
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 503984
expires: Mon, 18 Oct 2021 01:35:12 GMT

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect
object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
boolean| originAgentCluster
object| trustedTypes
boolean| crossOriginIsolated

2 Cookies

Domain/Path | Name | Value
.verificationhelp-center.gq/ | ARRAffinity | 92bb8b41a3989bbf4423cb3a34b5e79c8d627041e25e2d58ceccf369ec623046
.verificationhelp-center.gq/ | __cfduid | d72d2ceb9e38f7d85e3c82196e71073621618968911