helpcenters.buzz Open in urlscan Pro
2606:4700:3037::ac43:8c31 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://helpcenters.buzz/
Submission: On May 06 via api (May 6th 2024, 12:48:09 pm UTC) from US — Scanned from DE

Summary HTTP 18 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 18 HTTP transactions. The main IP is 2606:4700:3037::ac43:8c31, located in United States and belongs to CLOUDFLARENET, US. The main domain is helpcenters.buzz.
TLS certificate: Issued by GTS CA 1P5 on May 6th 2024. Valid for: 3 months.

This is the only time helpcenters.buzz was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
15	2606:4700:303... 2606:4700:3037::ac43:8c31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
18	2

15 2606:4700:3037::ac43:8c31 (United States)

ASN13335 (CLOUDFLARENET, US)

helpcenters.buzz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebasestorage.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	helpcenters.buzz helpcenters.buzz	271 KB
3	googleapis.com firebasestorage.googleapis.com — Cisco Umbrella Rank: 6596	73 KB
18	2

	Domain	Requested by
15	helpcenters.buzz	helpcenters.buzz
3	firebasestorage.googleapis.com	helpcenters.buzz
18	2

This site contains links to these domains. Also see Links.

Domain
www.facebook.com

Subject Issuer	Validity	Valid
helpcenters.buzz GTS CA 1P5	`2024-05-06` - `2024-08-04`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-04-16` - `2024-07-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://helpcenters.buzz/
Frame ID: A4E37E0380F5E52BED1B36B44E0934F9
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Meta

Page Statistics

18
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

344 kB
Transfer

1041 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/privacy/explanation/
Title: Meta Privacy Policy

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response helpcenters.buzz/	24 KB 7 KB	287ms 247ms	Document text/html	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash `17b2c1041b583bec7a0bd8ae37525da2947cc9539cb40cd74f39a70983599360` Request headers Accept-Language de-DE,de;q=0.9;q=0.9 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" sec-ch-ua-mobile ?0 sec-ch-ua-platform "Win32" Response headers alt-svc h3=":443"; ma=86400 cache-control s-maxage=31536000, stale-while-revalidate cf-cache-status DYNAMIC cf-ray 87f9151c1a139742-FRA content-encoding br content-type text/html; charset=utf-8 date Mon, 06 May 2024 12:48:04 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DKvaH5NgA2%2B4pnH1SxcmXCg6rlo4E2c4SZM5ntJwwGUfd1fp9Rjk667FAl2NZZQLoLEOQ2EHI5y%2BZu80ozd3d2l53Npe%2FLjkKBhLHHF3UUhsVN5F8rglj9EKXWkvD3DiS%2BbXUYwWOiVjI3%2F9PTms"}],"group":"cf-nel","max_age":604800} server cloudflare vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding x-nextjs-cache HIT x-powered-by Next.js
GET H3	200	c9a5bc6a7c948fb0-s.p.woff2 helpcenters.buzz/_next/static/media/	45 KB 46 KB	474ms 473ms	Font font/woff2	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2 Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Origin https://helpcenters.buzz Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"b5d8-18f4cd7b34f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JFG5vLOUtd6v3N3p9Xo38Euh%2FQcVzO5Kjl5Hb%2BGHL2rFF0t6tay2MO4V1O3I6WrnZ6FWwUfXLNVrvUx5%2BQTE1zxHdVpfKtwErtb9lTSGQrFis7HkEt6AnAJI7Oe6%2Fm1BFpwB7s1fZnlq8pjVH%2BCE"}],"group":"cf-nel","max_age":604800} content-type font/woff2 cache-control public, max-age=31536000, immutable accept-ranges bytes cf-ray 87f9151dac7d9742-FRA alt-svc h3=":443"; ma=86400 content-length 46552
GET H3	200	0f3d215b01ac433a.css helpcenters.buzz/_next/static/css/	223 KB 33 KB	367ms 366ms	Stylesheet text/css	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/css/0f3d215b01ac433a.css Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `59313d7c95641250b90214f17cdc272f74a3c40fb1b6d893937b99ede526d001` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37ba8-18f4cd7b357" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xYjeJ7Htxk%2FJsOluc1FAGHCeaoyGwD%2FWnSdUoGJfGiH4A6xlM%2FJC%2BO4abMSCkIz7pUsBRrcz56NPJAqR12%2BaVxIz7Nmf1pe4pT%2BpZRjhdM5EV4rotN%2BIZMe9B2f7klbLTzMkGQ7sNOnDcmrv7sMF"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac829742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	5dda9c6a1eceb46e.css helpcenters.buzz/_next/static/css/	13 KB 3 KB	279ms 278ms	Stylesheet text/css	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/css/5dda9c6a1eceb46e.css Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `1647b312f13fcd170efaefc676991eaabc901c156108c2731835f74d958d163d` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"35f6-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YF0%2BnKOt1GeRW%2FZ0BGCN32aOcCAwqqYiULKnwwnOCy1zpaeey%2Bro0hhYKyePc8vq%2Bj%2FEFoayCtWNDxeXmO%2BpWzww3aVNEF4SJB2uchmITtV12c5iPnF6rF%2FjV5v4F%2BWzYjKvWgeh3t4PBFfjMWrD"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac869742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	017368e0e2994f4b.css helpcenters.buzz/_next/static/css/	223 KB 32 KB	379ms 378ms	Stylesheet text/css	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/css/017368e0e2994f4b.css Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `dc56ad752ee6061349282a3edba82d79f28234200d5a771c45ddc5d56be7259b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"37ba3-18f4cd7b357" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2NmAy2zySwZPNEGwIZ3Ar0L%2By2qfKb0JUhjJCjYeV3Vr42sbfj3s4M10TolKHqQaw8GJvXDpieUtjgmwckQecztk6T1LQ%2BnZaASEvUflXXldGO1HVU4cTbE9%2BNHHLgmO1bicCXlMxAPM3xgB%2Be3F"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac899742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	aa231b2f1b48947b.css helpcenters.buzz/_next/static/css/	3 KB 1 KB	264ms 263ms	Stylesheet text/css	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/css/aa231b2f1b48947b.css Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `23884c556ff5d19a6deee89a2e5ea92fc8bd6620708b8fed39b93a4adce6b6d4` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"a1b-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ej0lNxfdwb%2F7d0EOeTNLGU4QkVtC4T%2Fgcbl8oi38LGlI%2FidcDbCpYJnTe9nPbdg0VuUgsAQJbCMIVy5FJCjT3An2Jqi%2B98ettbNlsESrQ7p%2BujT%2BcQ2T9ZP%2F%2FhR3g087%2Fyq1OoMhjw7hDPJUYPVv"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac8d9742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	webpack-da67bb34c3e88aa2.js Show response helpcenters.buzz/_next/static/chunks/	4 KB 2 KB	256ms 255ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/webpack-da67bb34c3e88aa2.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `de20c1db3c82139cd39ef5374acfc3e6b0af3e306166ee58d867b0f92deaced5` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:04 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"f51-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u%2FhzOV%2Fwgi%2FkRweTFlI0tBXjM%2FYPpXpmurVxqkGvtUmZU8fAjG6fdoEesbgIqSFtm5BSKBAToD6l4SVY1UNVYglp6e5AsfBdz6GHRqICy8r3DG%2Br%2BQOQZPUV5t%2BmJVhlAaE8z2oqyGDZxc%2BMhwhQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac8f9742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	fd9d1056-29b1289673c8770b.js Show response helpcenters.buzz/_next/static/chunks/	157 KB 50 KB	479ms 479ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/fd9d1056-29b1289673c8770b.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `79702d855ba6545075382b84e4290f751ae0db8145b27accb9964b4ee0b32d64` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"27403-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lNCzSB3J5VJTX%2FoPVsyCU98YuOQrIgbVxh3bCajESYHtf4w74gnwEQticCnSmR9GBZJ7Ryo%2F89ONi%2BMva1kmk0ijaD%2F7P09Z9tiXqlhujWZ%2FNS3lMnJh5FKMCzBbQ%2BIlvWwGoWRfhmY476EqhTnf"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac919742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	596-bd45ea78be427656.js Show response helpcenters.buzz/_next/static/chunks/	97 KB 26 KB	383ms 382ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/596-bd45ea78be427656.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `b144b7a6a886cf0ee11807a166c6cdccca667acf848fe5b11ec81c3a70740db7` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"185fa-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H1XRXwMBOcwe%2Fy34%2F2mchPE9dpcTeB1Kf1AP1mGXAc0CTaqw81NtN5I6EzlBQbMB7VJRTYt86HW5dukjGyO5HjIn4jzlLCf8cBdOcdO78YgJypYp9zU050Rc4osVpLAt8WSYBICZjt6tuDkS8RgQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac949742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	main-app-17bfcadd453c9b10.js Show response helpcenters.buzz/_next/static/chunks/	419 B 692 B	269ms 268ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/main-app-17bfcadd453c9b10.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `e7a1bdd27045a5d711499825200d1b247b8e988013eefd72f914a8931d301fd1` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1a3-18f4cd7b34f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zJWWrTYOF1oHYatU7jKfBKxCJSRRVYZf4ok2SHp%2BjLovQS5vfZzlhp9yyQpAq8iIVytebwfl3AW9cngflDzehdwHTIQ7uWZ3u2WodKTSw6bG4Ia95YUm6Fbd1H6SvP6aegpjznqTMNsC7XZTEQlQ"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f9151dac969742-FRA alt-svc h3=":443"; ma=86400
GET H2	200	img_meta.png firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/	5 KB 5 KB	576ms 541ms	Image image/png	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/img_meta.png?alt=media&token=c3d7eeee-377a-4edd-8916-9f4996e615dc Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash `f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT x-guploader-uploadid ABPtcPppEnuyigULABoskwCECCVLFUAymGsNoFYtZLBAmYt7QNEyiCdTohpjMUQJ7ZAFoKn_AagNvWCf-w x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename=utf-8''img_meta.png alt-svc* h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5127 last-modified Sat, 04 May 2024 09:40:07 GMT server UploadServer etag "3b365a98760b211155db1b2013fc89e9" x-goog-generation 1714815607378915 content-type image/png x-goog-hash crc32c=1Cl5Lg==, md5=OzZamHYLIRFV2xsgE/yJ6Q== cache-control private, max-age=0 x-goog-stored-content-length 5127 x-goog-meta-firebasestoragedownloadtokens c3d7eeee-377a-4edd-8916-9f4996e615dc accept-ranges bytes expires Mon, 06 May 2024 12:48:05 GMT
GET H2	200	mail.png firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/	63 KB 63 KB	590ms 555ms	Image image/png	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/mail.png?alt=media&token=83328623-c2b6-484a-9aa8-3007b5438d55 Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash `726be1e116ab2ab6670d94751d0568c157a75f4e625989793fa8e9b77800caa0` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT x-guploader-uploadid ABPtcPpwOJu3nw9bCH1PqsxMEqUqVDNmFb8yYg20kuUYjqiF83kbuxJibd-8gqpF6EpfBLotY7EdqeNNQg x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename=utf-8''mail.png alt-svc* h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 64005 last-modified Sat, 04 May 2024 09:40:07 GMT server UploadServer etag "e2ec2d4b04985880f2b12ef8c92fae3e" x-goog-generation 1714815607576716 content-type image/png x-goog-hash crc32c=tsOGIw==, md5=4uwtSwSYWIDysS74yS+uPg== cache-control private, max-age=0 x-goog-stored-content-length 64005 x-goog-meta-firebasestoragedownloadtokens 83328623-c2b6-484a-9aa8-3007b5438d55 accept-ranges bytes expires Mon, 06 May 2024 12:48:05 GMT
GET H2	200	logoMeta.png firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/	5 KB 5 KB	367ms 333ms	Image image/png	2a00:1450:4001:811::200a GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://firebasestorage.googleapis.com/v0/b/asm-sevice.appspot.com/o/logoMeta.png?alt=media&token=f375c6df-2fed-4466-bb8c-06bc0f0b2376 Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software UploadServer / Resource Hash `096988abc603ffc3519d70d6dcb0475bb60b72f2e490c804f03fbf111074deab` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT x-guploader-uploadid ABPtcPoVF_lvcgRpWgLEMGpSbcFopCLtiaFLTBxtyydxEBcXlcmU_4YrqTV7uX7GGINUT1tX7g_Kkg1vHQ x-goog-storage-class STANDARD x-goog-metageneration 1 x-goog-stored-content-encoding identity content-disposition inline; filename=utf-8''logoMeta.png alt-svc* h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4645 last-modified Sat, 04 May 2024 09:40:07 GMT server UploadServer etag "4632b63ae6c52a32586fb3db3faf1167" x-goog-generation 1714815607478307 content-type image/png x-goog-hash crc32c=e+JzJw==, md5=RjK2OubFKjJYb7PbP68RZw== cache-control private, max-age=0 x-goog-stored-content-length 4645 x-goog-meta-firebasestoragedownloadtokens f375c6df-2fed-4466-bb8c-06bc0f0b2376 accept-ranges bytes expires Mon, 06 May 2024 12:48:05 GMT
GET H3	200	layout-1b605066f7badbb0.js Show response helpcenters.buzz/_next/static/chunks/app/	2 KB 2 KB	253ms 252ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/app/layout-1b605066f7badbb0.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/_next/static/chunks/webpack-da67bb34c3e88aa2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `28c8fc1a56e0533c5148a4ce2da215773faac07f65665bd70338bcc0b4eadb6b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"7ea-18f4cd7b34f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVXG%2Bn7%2Bxbv5ppInLdteRKs%2BsXNXOFEsUoD7TXTcwxRUJg%2B8skjZELavycj62subMffbELa%2BCzx4%2FCDj%2BaN1wD8AvyVC52G1go%2FHA1nc%2Fnbt%2FYD1CrJkbMoAd9biasyT%2F%2B8qfv0ysZ4erRvonPxh"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f91520c9249742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	266-fc3253342523b966.js Show response helpcenters.buzz/_next/static/chunks/	119 KB 44 KB	466ms 465ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/266-fc3253342523b966.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/_next/static/chunks/webpack-da67bb34c3e88aa2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `7cd00baf95ae2297d217786995f9931c6a041c88e3b08f50e1a57b6bfc14ac8e` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"1dc44-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C7%2BK9G2xKWfnRsfsUWOv8PTKgQGO5VAq4UqX4SAOLMTO%2FQDPBTRWskzAoOMqv3TVIYnBHQzBgjjm0IFk5iqkee4EEL1RsvEjhPRY78QzdTPA1je2B7%2BoxPGMXp5xv3yZfeHTuRnZ24v3BkjclHq%2B"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f91520c9259742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	822-d4784a3b607f5c0c.js Show response helpcenters.buzz/_next/static/chunks/	25 KB 10 KB	250ms 250ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/822-d4784a3b607f5c0c.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/_next/static/chunks/webpack-da67bb34c3e88aa2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `5324734dc6912be500b10f2d53dff148b6ec520393e5cf58838037d69bbaad13` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6352-18f4cd7b353" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=q4St5oIwOROR7YKOjmjl79tVPZB1VhdjrtmeeL3XjuWbGIPrWIo%2BF3A8KTU%2Bsh0e%2BccM2TTESps0yGkrO3eIlfRpON%2BLPflIDfCLeXPkexnEMmp1hqc8t9vanE4TKD9pdHXuH57b8Ajf1T6MQYZD"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f91520c9279742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	page-6be42aa4d7311c03.js Show response helpcenters.buzz/_next/static/chunks/app/	26 KB 7 KB	251ms 251ms	Script application/javascript	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/_next/static/chunks/app/page-6be42aa4d7311c03.js Requested by Host: helpcenters.buzz URL: https://helpcenters.buzz/_next/static/chunks/webpack-da67bb34c3e88aa2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `27ac25735a29604292b10ed08fbf9829850e70d8aadf6b7d6605cb038487fd77` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 07:39:15 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare etag W/"6936-18f4cd7b34f" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RBTD2pDTFYM3BsiPS5VfkipmyIJYTm1Af8yukoX2%2BCImJGvyQqimz52M2Af%2BxVeFvTUEiPm5ISZz3n7RsVgL%2BsWpjncXQUv6L1zRluuXDsezfrYGxQsV0C4dDffoMCMb%2BG2LkBej6j7usa83Nfhi"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 87f91520c9289742-FRA alt-svc h3=":443"; ma=86400
GET H3	200	favicon.ico helpcenters.buzz/	6 KB 7 KB	250ms 249ms	Other image/x-icon	2606:4700:3037::ac43:8c31 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://helpcenters.buzz/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::ac43:8c31 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash `6edbde440daa9ebdc794eb4b505a061faa33ba936da054bc8671fa53e186a57b` Request headers sec-ch-ua "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124" Referer https://helpcenters.buzz/ Accept-Language de-DE,de;q=0.9;q=0.9 sec-ch-ua-mobile ?0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 sec-ch-ua-platform "Win32" Response headers date Mon, 06 May 2024 12:48:05 GMT content-encoding br cf-cache-status MISS last-modified Mon, 06 May 2024 12:48:05 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare vary RSC, Next-Router-State-Tree, Next-Router-Prefetch, Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TDLxLN%2BHP8UEUy9AVr4Xelp84Ffoch8B7ma7S1r0W%2BoiOB2zkvCn7vdih0j4QdYe8ladmYoFMegE692LpIHUYVOqo9aFb03ENL%2FbpIclL489OMG%2BW6TmZEWhwFqEyign5RQ9xlsie8R87N1rciwi"}],"group":"cf-nel","max_age":604800} content-type image/x-icon x-nextjs-cache HIT cache-control public, max-age=14400, must-revalidate cf-ray 87f91523ed629742-FRA alt-svc h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

firebasestorage.googleapis.com
helpcenters.buzz
2606:4700:3037::ac43:8c31
2a00:1450:4001:811::200a
096988abc603ffc3519d70d6dcb0475bb60b72f2e490c804f03fbf111074deab
1647b312f13fcd170efaefc676991eaabc901c156108c2731835f74d958d163d
17b2c1041b583bec7a0bd8ae37525da2947cc9539cb40cd74f39a70983599360
23884c556ff5d19a6deee89a2e5ea92fc8bd6620708b8fed39b93a4adce6b6d4
27ac25735a29604292b10ed08fbf9829850e70d8aadf6b7d6605cb038487fd77
28c8fc1a56e0533c5148a4ce2da215773faac07f65665bd70338bcc0b4eadb6b
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
5324734dc6912be500b10f2d53dff148b6ec520393e5cf58838037d69bbaad13
59313d7c95641250b90214f17cdc272f74a3c40fb1b6d893937b99ede526d001
6edbde440daa9ebdc794eb4b505a061faa33ba936da054bc8671fa53e186a57b
726be1e116ab2ab6670d94751d0568c157a75f4e625989793fa8e9b77800caa0
79702d855ba6545075382b84e4290f751ae0db8145b27accb9964b4ee0b32d64
7cd00baf95ae2297d217786995f9931c6a041c88e3b08f50e1a57b6bfc14ac8e
b144b7a6a886cf0ee11807a166c6cdccca667acf848fe5b11ec81c3a70740db7
dc56ad752ee6061349282a3edba82d79f28234200d5a771c45ddc5d56be7259b
de20c1db3c82139cd39ef5374acfc3e6b0af3e306166ee58d867b0f92deaced5
e7a1bdd27045a5d711499825200d1b247b8e988013eefd72f914a8931d301fd1
f85ae19942302afb33ddc15deb32e501c38ae71a83645fbdf96321b1443d4c55

helpcenters.buzz Open in urlscan Pro 2606:4700:3037::ac43:8c31 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

18 Requests

100 %HTTPS

100 %IPv6

2 Domains

2 Subdomains

2 IPs

2 Countries

344 kBTransfer

1041 kBSize

0 Cookies

1 Outgoing links

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

6 JavaScript Global Variables

0 Cookies

Indicators

helpcenters.buzz Open in urlscan Pro
2606:4700:3037::ac43:8c31 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

344 kB
Transfer

1041 kB
Size

0
Cookies

18 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!