Report - facebooksunglassshop.com/FBYUIOE/HWGJSNVR.html

Report Overview

Visited public
2023-12-04 01:44:17
Tags
meta facebook phishing social
URL
facebooksunglassshop.com/FBYUIOE/HWGJSNVR.html
Finishing URL
hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
IP / ASN
172.67.203.2
#13335 CLOUDFLARENET
Title
BUSINESS SUITE
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.gstatic.com	unknown	2008-02-11	2016-07-26 11:37:06	2023-12-03 07:56:40	2.0 kB	387 kB	142.250.74.35
api.ipify.org	3267	2014-01-05	2014-10-06 14:38:43	2023-12-03 05:10:36	457 B	221 B	64.185.227.156
api.ipgeolocation.io	39679	2018-02-26	2018-06-28 13:07:23	2023-12-03 13:25:23	497 B	1.3 kB	172.67.17.71
facebooksunglassshop.com	unknown	unknown	No data	No data	512 B	753 B	172.67.203.2
hiresmarttrainhard.com	unknown	2023-08-13	2023-05-15 04:01:46	2023-12-03 16:51:40	3.6 kB	131 kB	85.187.128.34
www.google.com	7	1997-09-15	2015-05-10 13:11:19	2023-11-19 18:48:38	866 B	2.4 kB	216.58.211.4

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-12-04 01:44:07	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-12-04 01:44:07	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-12-04 01:44:07	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-12-04 01:44:07	low	Client IP	64.185.227.156	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-12-03	medium	facebooksunglassshop.com/FBYUIOE/HWGJSNVR.html	Facebook, Inc.
2023-11-29	medium	hiresmarttrainhard.com/	Facebook, Inc.
2023-12-03	medium	hiresmarttrainhard.com/help/contact/2026068680760273/	Facebook, Inc.
2023-12-03	medium	hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html	Facebook, Inc.
2023-11-29	medium	hiresmarttrainhard.com/	Facebook, Inc.
2023-11-29	medium	hiresmarttrainhard.com/	Facebook, Inc.
2023-11-29	medium	hiresmarttrainhard.com/confirm.html	Facebook, Inc.
2023-11-29	medium	hiresmarttrainhard.com/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed
2023-12-04	medium	hiresmarttrainhard.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (4)

	URL	From	Size	First Seen	Last Seen
	www.google.com/recaptcha/api.js	ScriptElement	850 B	2023-11-14	2024-08-20
Pretty URL www.google.com/recaptcha/api.js IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:30 Last Seen2024-08-20 19:39 Times Seen3579 Hash 57e10dcd72dd2953878092014eae522b 95ba7e48825c26c5d9395ef2edb73e790bce6fa7 c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59 Loading...

	www.google.com/recaptcha/api.js?render=explicit	ScriptElement	852 B	2023-11-14	2024-08-20
Pretty URL www.google.com/recaptcha/api.js?render=explicit IP 216.58.211.4 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:04 Last Seen2024-08-20 19:39 Times Seen2436 Hash 045e7f9c6c8e847b367568c957bc95d5 402aeda930f2952fa7618f9980444b844493250b 3aee9726f94b463ddb032522c13856b54261dda89b35907b3f88505b8b83ada9 Loading...

	hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html	ScriptElement	9.2 kB	2023-11-30	2024-08-20
Pretty URL hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html IP 85.187.128.34 ASN #55293 A2HOSTING Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-30 01:35 Last Seen2024-08-20 17:24 Times Seen59 Hash 458a8a899349b9934fdb2085965917d5 8638de0f6591c8010aaedc69c27294ad581827db 1e6c7343c00ef66b3a640d86703ecf1c9a6d8459ff32a64b5907769c042fd6b4 Loading...

	www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js	ScriptElement	476 kB	2023-11-14	2024-08-20
Pretty URL www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js IP 142.250.74.35 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-14 09:02 Last Seen2024-08-20 19:39 Times Seen12206 Hash 23b9dd721490a4062ba8d01454ef6ba9 efdbb7331585411f7d397dacbf51fd3e95f3031d 4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7 Loading...

HTTP Transactions (16)

URL IP Response Size

facebooksunglassshop.com/FBYUIOE/HWGJSNVR.html

172.67.203.2

302 Found

0 B

URL User Request GET HTTP/2
facebooksunglassshop.com/FBYUIOE/HWGJSNVR.html
IP
172.67.203.2:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerLet's Encrypt
Subjectfacebooksunglassshop.com
FingerprintC4:02:A4:19:A9:47:30:28:DE:60:71:35:80:80:86:14:8D:BE:E7:10
ValidityFri, 01 Dec 2023 07:19:33 GMT - Thu, 29 Feb 2024 07:19:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.

HTTP Headers

GET /FBYUIOE/HWGJSNVR.html HTTP/1.1
Host: facebooksunglassshop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Mon, 04 Dec 2023 01:43:59 GMT
content-length: 0
location: https://hiresmarttrainhard.com/help/contact/2026068680760273
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-language: en-US
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DeD11HwJhFgdT58xQOErn6c%2BK69peurqWUxhOW%2FjcUa0OxhC6pJc5%2BlRVy7YUSoZw5CA6TPs%2BkcPB27HnFoL5UlU4gpsSGTvU6CtQwdXPKwlpoDXdqM5T%2Bn%2BTRo3dLJJXP6%2FyL%2FXbaxUM7Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 83005c941aec56bb-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

hiresmarttrainhard.com/help/contact/2026068680760273

85.187.128.34

301 Moved Permanently

707 B

URL User Request GET HTTP/2
hiresmarttrainhard.com/help/contact/2026068680760273
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /help/contact/2026068680760273 HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 707
date: Mon, 04 Dec 2023 01:44:00 GMT
server: LiteSpeed
location: https://hiresmarttrainhard.com/help/contact/2026068680760273/
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
X-Firefox-Spdy: h2

hiresmarttrainhard.com/help/contact/2026068680760273/

85.187.128.34

302 Found

1.4 kB

URL User Request GET HTTP/2
hiresmarttrainhard.com/help/contact/2026068680760273/
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (767), with CRLF line terminators
Size
1.4 kB (1359 bytes)
Hash
ea4b5fd0f74965a7e97dcb908d2415de
23e2d4e906b0641f5104c51520e51f32f366f8fa
f61b0af90358070692843ae37acbf69a3cc54375a072c277bbccddafd22608fc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /help/contact/2026068680760273/ HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
x-powered-by: PHP/7.2.34
location: confirm.html
content-type: text/html; charset=UTF-8
content-length: 1359
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 01:44:00 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
X-Firefox-Spdy: h2

hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html

85.187.128.34

200 OK

51 kB

URL User Request GET HTTP/2
hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (32223), with CRLF line terminators
Size
51 kB (50936 bytes)
Hash
c04b19d31604274ed85dab3d3eb01870
8ee1eb959e5fccc93783e3f17fa6b3d968c130e1
405d0355b4d08270e034c19bd1d0c504d4f4e8aa8326598d4a1ccc08fe86e554

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /help/contact/2026068680760273/confirm.html HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: text/html
last-modified: Sat, 02 Dec 2023 03:55:34 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50936
date: Mon, 04 Dec 2023 01:44:01 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=3600, must-revalidate
X-Firefox-Spdy: h2

hiresmarttrainhard.com/style.css

85.187.128.34

200 OK

22 kB

URL GET HTTP/3
hiresmarttrainhard.com/style.css
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65080), with CRLF line terminators
Size
22 kB (21927 bytes)
Hash
2fef660aafc470b8ae6b276c28cdd776
12b5451b26793f887a869e9af45897254879e1b8
cc8b1a0c0827d63eec2c7b9a30d4794ea64fe479cab57c61e86a9d6ad339e4d5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /style.css HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
cache-control: max-age=604800, public
expires: Mon, 11 Dec 2023 01:44:01 GMT
content-type: text/css
last-modified: Sat, 11 Nov 2023 11:12:22 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 21927
date: Mon, 04 Dec 2023 01:44:01 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"

hiresmarttrainhard.com/Segoe.73e9cd89613cc1d9a962.ttf

85.187.128.34

302 Found

1.4 kB

URL GET HTTP/3
hiresmarttrainhard.com/Segoe.73e9cd89613cc1d9a962.ttf
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (767), with CRLF line terminators
Size
1.4 kB (1359 bytes)
Hash
ea4b5fd0f74965a7e97dcb908d2415de
23e2d4e906b0641f5104c51520e51f32f366f8fa
f61b0af90358070692843ae37acbf69a3cc54375a072c277bbccddafd22608fc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Segoe.73e9cd89613cc1d9a962.ttf HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/style.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
x-powered-by: PHP/7.2.34
location: confirm.html
content-type: text/html; charset=UTF-8
content-length: 1359
content-encoding: br
vary: Accept-Encoding
date: Mon, 04 Dec 2023 01:44:02 GMT
server: LiteSpeed
cache-control: no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

www.google.com/recaptcha/api.js?render=explicit

216.58.211.4

200 OK

577 B

URL GET HTTP/2
www.google.com/recaptcha/api.js?render=explicit
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
gzip compressed data\012- data
Size
577 B (577 bytes)
Hash
463b0cdb14a64f5eff6219e0326c43da
ad01b4bc2d161eeb21bb44962d5f7f6e00a4957d
7151fc4329a0198862aee4db88f3bf4d0aacfbe44ac68395cb5f61219db3b0f2

HTTP Headers

GET /recaptcha/api.js?render=explicit HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 04 Dec 2023 01:44:01 GMT
date: Mon, 04 Dec 2023 01:44:01 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hiresmarttrainhard.com/confirm.html

85.187.128.34

200 OK

51 kB

URL GET HTTP/3
hiresmarttrainhard.com/confirm.html
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (32223), with CRLF line terminators
Size
51 kB (50936 bytes)
Hash
c04b19d31604274ed85dab3d3eb01870
8ee1eb959e5fccc93783e3f17fa6b3d968c130e1
405d0355b4d08270e034c19bd1d0c504d4f4e8aa8326598d4a1ccc08fe86e554

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /confirm.html HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hiresmarttrainhard.com/style.css
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-type: text/html
last-modified: Wed, 29 Nov 2023 17:00:55 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 50936
date: Mon, 04 Dec 2023 01:44:02 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=3600, must-revalidate

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hiresmarttrainhard.com
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 49892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
77f558988aa01e1528573a29a0040cc0
59ff391fe39b76a4aef8c010ee4751eac290ec85
68a6dde7f952136e04fe8c32e5af1d7b1cdeab2ab3f3c5caf36e36f921a0e435

HTTP Headers

GET /recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hiresmarttrainhard.com
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 01:44:02 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js

142.250.74.35

200 OK

191 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
ASCII text, with very long lines (563)
Size
191 kB (190682 bytes)
Hash
23b9dd721490a4062ba8d01454ef6ba9
efdbb7331585411f7d397dacbf51fd3e95f3031d
4970c7161d03503a3eb5ec49e4190a03445c50cd5a9081714bd13183d2d948a7

HTTP Headers

GET /recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hiresmarttrainhard.com
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 190682
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 03 Dec 2023 11:52:30 GMT
expires: Mon, 02 Dec 2024 11:52:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 14 Nov 2023 05:42:11 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 49892
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js

142.250.74.35

404 Not Found

1.6 kB

URL GET HTTP/2
www.gstatic.com/recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js
IP
142.250.74.35:443
ASN
#15169 GOOGLE

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1136)
Size
1.6 kB (1621 bytes)
Hash
77f558988aa01e1528573a29a0040cc0
59ff391fe39b76a4aef8c010ee4751eac290ec85
68a6dde7f952136e04fe8c32e5af1d7b1cdeab2ab3f3c5caf36e36f921a0e435

HTTP Headers

GET /recaptcha/releases/uEf7E1417z6GNSkRx7AyL8K8/recaptcha__vi.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hiresmarttrainhard.com
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 404 Not Found
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
date: Mon, 04 Dec 2023 01:44:02 GMT
content-type: text/html; charset=UTF-8
server: sffe
content-length: 1621
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

hiresmarttrainhard.com/favicon.ico

85.187.128.34

404 Not Found

708 B

URL GET HTTP/3
hiresmarttrainhard.com/favicon.ico
IP
85.187.128.34:443
ASN
#55293 A2HOSTING

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuercPanel, Inc.
Subjecthiresmarttrainhard.com
FingerprintFE:98:BF:F5:FD:56:63:22:80:00:AA:BD:C5:E4:73:1F:E1:AB:C1:C8
ValidityWed, 29 Nov 2023 00:00:00 GMT - Tue, 27 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
708 B (708 bytes)
Hash
2382378378c002d88b9a507c712c3349
2e894db3808b554abadc8b144338ad9e2ea937ba
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: hiresmarttrainhard.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 708
date: Mon, 04 Dec 2023 01:44:02 GMT
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff

api.ipify.org/?format=json

64.185.227.156

200 OK

21 B

URL GET HTTP/1.1
api.ipify.org/?format=json
IP
64.185.227.156:443
ASN
#18450 WEBNX

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
39cb62bb7010a4cdcb91d6b5f120f3c1
bee1118124f11f06f3c181611630697323ea23ff
05a7a2bbe813eab2a3d85823a552f1008dce66fe98abef73ddfd1d8056d298f4

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hiresmarttrainhard.com/
Origin: https://hiresmarttrainhard.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Mon, 04 Dec 2023 01:44:02 GMT
Content-Type: application/json
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin

www.google.com/recaptcha/api.js

216.58.211.4

200 OK

850 B

URL GET HTTP/2
www.google.com/recaptcha/api.js
IP
216.58.211.4:443
ASN
#15169 GOOGLE

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectwww.google.com
FingerprintB0:8E:97:10:7E:30:90:F6:42:A1:32:63:5C:78:27:D3:A8:F1:05:D1
ValidityMon, 23 Oct 2023 11:24:57 GMT - Mon, 15 Jan 2024 11:24:56 GMT

File type
ASCII text, with very long lines (850), with no line terminators
Size
850 B (850 bytes)
Hash
57e10dcd72dd2953878092014eae522b
95ba7e48825c26c5d9395ef2edb73e790bce6fa7
c7b54326365940d062bce26ed41579eebcb4946a86ba280790b603926692bd59

HTTP Headers

GET /recaptcha/api.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://hiresmarttrainhard.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
expires: Mon, 04 Dec 2023 01:44:01 GMT
date: Mon, 04 Dec 2023 01:44:01 GMT
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

api.ipgeolocation.io/ipgeo?apiKey=f40a6ea769ce4740b4d5462dc649bbcf

172.67.17.71

200 OK

845 B

URL GET HTTP/2
api.ipgeolocation.io/ipgeo?apiKey=f40a6ea769ce4740b4d5462dc649bbcf
IP
172.67.17.71:443
ASN
#13335 CLOUDFLARENET

Requested by
https://hiresmarttrainhard.com/help/contact/2026068680760273/confirm.html
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint6E:F7:63:DC:0F:29:42:1E:46:DC:0B:5B:1B:8A:18:2F:9F:91:0E:59
ValidityFri, 28 Apr 2023 00:00:00 GMT - Sat, 27 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (977), with no line terminators
Size
845 B (845 bytes)
Hash
6b33625da9a3b78eaf2bd1c38cc6ba1f
315d1c8127bca655ae1d967d89309093f5281e67
50a0d6dfc1bc1e86de949185422be9a58affd8e7b9fb2aade5beb39ffb81c580

HTTP Headers

GET /ipgeo?apiKey=f40a6ea769ce4740b4d5462dc649bbcf HTTP/1.1
Host: api.ipgeolocation.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hiresmarttrainhard.com/
Origin: https://hiresmarttrainhard.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Mon, 04 Dec 2023 01:44:02 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://hiresmarttrainhard.com
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 83005ca44c1a0b51-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (4)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (16)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP