Submitted URL: https://support.seyarabata.com/
Effective URL: https://support.seyarabata.com/login
Submission: On December 03 via automatic, source certstream-suspicious

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 3 HTTP transactions. The main IP is 49.12.36.172, which is located in Germany and belongs to HETZNER-AS, DE. The main domain is support.seyarabata.com.
TLS certificate: Issued by R3 on December 3rd 2020. Valid for: 3 months.
This is the only time support.seyarabata.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 3 49.12.36.172 24940 (HETZNER-AS)
1 2606:2800:220... 15133 (EDGECAST)
3 2

Apex Domain Subdomains Transfer
3 seyarabata.com support.seyarabata.com 8 KB
1 example.com example.com
3 2

Domain Requested by
3 support.seyarabata.com 1 redirects support.seyarabata.com
1 example.com support.seyarabata.com
3 2

This site contains links to these domains.

Domain
freescout.net

Subject: support.seyarabata.com
Issuer: R3
Validity: 2020-12-03 - 2021-03-03
Valid: 3 months

Subject: www.example.org
Issuer: DigiCert TLS RSA SHA256 2020 CA1
Validity: 2020-11-24 - 2021-12-25
Valid: a year

This page contains 1 frame:

Primary Page: https://support.seyarabata.com/login
Frame ID: 36696494F386A8D73EA099167064F396
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 100 %
IPv6: 50 %
Domains: 2
Subdomains: 2
IPs: 2
Countries: 2
Transfer: 7 kB
Size: 6 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://support.seyarabata.com/ HTTP 302
    https://support.seyarabata.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

3 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Resource: login (Primary Request)
Path: support.seyarabata.com/
Redirect Chain
  • https://support.seyarabata.com/
  • https://support.seyarabata.com/login
Size: 4 KB
x-fer: 5 KB
Type: Document

General
Full URL: https://support.seyarabata.com/login
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 49.12.36.172, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.172.36.12.49.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu)
Resource Hash: 7066083faaf89ef3fd45dd199b52478e616af1fa36d95313cc458a863bf0b638

Request headers

:method: GET
:authority: support.seyarabata.com
:scheme: https
:path: /login
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie
XSRF-TOKEN=eyJpdiI6Im1KRFQ2RnNRajVlVENjYklHYVBSbkE9PSIsInZhbHVlIjoibldidkk2UVBBY3Y2M3REK0wyTVBoUWJcL1pMTzVYZlFJOWRLVTFkQmtVZldDY1VHXC80Q0dsNUZzNUR3bTIwN01HXC96VmtLSklLblVuV2hGNnR3NnpPakE9PSIsIm1hYyI6IjQwNzZkODJiYTBjNmJhMWYwMmEyZDg3Njc4OTA1NzI1MTg2NGUxMjEzNjQwZTJlMjMwMDI5ZTI3YTc5ZGI5ZjcifQ%3D%3D; laravel_session=eyJpdiI6IjhsSW9QeExYSGtDMEl5OXd4WWtZaWc9PSIsInZhbHVlIjoiVFBcL0pOV3BoNE1EeTNnM2x0UlNXMGUyTGhnbm5uczd6bkRJczVcL0JING9wN0VoSmdMQmdxS2dIK09hRnc5TW5JbzR6THdwd2dHclFyeDZQTmRRRWJYZz09IiwibWFjIjoiOTc1N2VlZTNkM2E0NmIwY2Q3ZDEzMzk5NDEyZGU0NWNjNDk0YjI3NzU4Mzg2YWQzMzRiYWE1NTIwZTU2OTdlYSJ9

Response headers

server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
date: Thu, 03 Dec 2020 14:19:03 GMT
pragma: no-cache
set-cookie
XSRF-TOKEN=eyJpdiI6IjgxZ3FtaGtvUU5NXC9hTWVVT1lCY3VnPT0iLCJ2YWx1ZSI6ImdWRkJkN3VUalIySzNZdjJHRUF6bGtsWmtUVUkraWhQT1hzclJJc3c4VGpKbmFzZ1VVXC9EXC9GaXVBSklsdnZ0NnVtemx3NFJFM095YVRiS0xiand1Smc9PSIsIm1hYyI6ImNjZmVkZjY4MDBjNzcyZGE0YWFmZmU5NGNiYjdiYWJlMmFiM2VjZjdmNmFmZDg2YmIxNTBkMWYxODg0N2JhZDAifQ%3D%3D; expires=Thu, 03-Dec-2020 16:19:03 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6InRiQU9aMkQ5RVQzMVprK3RFVVk0a3c9PSIsInZhbHVlIjoiU0FOdnl6eklkeGNZY0M0Y25Ockwxb3Q0UnBZeHJyWm5VRDFZempsN3BcL2RkXC8xQ2o0dmMyRWgyRWg0Y0pRbFFJeHNTcWcwRzZCWFltMzFIWW9RYThwQT09IiwibWFjIjoiNzEyMjQ0ZGFjNmNlYzhmYTQ2YTk0YzlhMzJkM2Y2ZTU3OGNmYTJhODViMjc3MWIzOGQ1MjMzNTc1Y2ZkNzA1YyJ9; expires=Thu, 03-Dec-2020 16:19:03 GMT; Max-Age=7200; path=/; httponly

Redirect headers

server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8
location: https://support.seyarabata.com/login
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
date: Thu, 03 Dec 2020 14:19:03 GMT
pragma: no-cache
set-cookie
XSRF-TOKEN=eyJpdiI6Im1KRFQ2RnNRajVlVENjYklHYVBSbkE9PSIsInZhbHVlIjoibldidkk2UVBBY3Y2M3REK0wyTVBoUWJcL1pMTzVYZlFJOWRLVTFkQmtVZldDY1VHXC80Q0dsNUZzNUR3bTIwN01HXC96VmtLSklLblVuV2hGNnR3NnpPakE9PSIsIm1hYyI6IjQwNzZkODJiYTBjNmJhMWYwMmEyZDg3Njc4OTA1NzI1MTg2NGUxMjEzNjQwZTJlMjMwMDI5ZTI3YTc5ZGI5ZjcifQ%3D%3D; expires=Thu, 03-Dec-2020 16:19:03 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6IjhsSW9QeExYSGtDMEl5OXd4WWtZaWc9PSIsInZhbHVlIjoiVFBcL0pOV3BoNE1EeTNnM2x0UlNXMGUyTGhnbm5uczd6bkRJczVcL0JING9wN0VoSmdMQmdxS2dIK09hRnc5TW5JbzR6THdwd2dHclFyeDZQTmRRRWJYZz09IiwibWFjIjoiOTc1N2VlZTNkM2E0NmIwY2Q3ZDEzMzk5NDEyZGU0NWNjNDk0YjI3NzU4Mzg2YWQzMzRiYWE1NTIwZTU2OTdlYSJ9; expires=Thu, 03-Dec-2020 16:19:03 GMT; Max-Age=7200; path=/; httponly

Resource: 552811eceab9804ff8d211d76b95055a11249033033.css
Path: example.com/css/builds/
Size: 0
x-fer: 0
Type: Stylesheet

General
Full URL: https://example.com/css/builds/552811eceab9804ff8d211d76b95055a11249033033.css
Requested by
Host: support.seyarabata.com
URL: https://support.seyarabata.com/login
Protocol: H2
Security: TLS 1.3, AES_256_GCM
Server: 2606:2800:220:1:248:1893:25c8:1946, United States, ASN15133 (EDGECAST, US)
Reverse DNS:
Software:
Resource Hash:

Request headers

Referer: https://support.seyarabata.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Resource: banner.png
Path: support.seyarabata.com/img/
Size: 2 KB
x-fer: 2 KB
Type: Image

General
Full URL: https://support.seyarabata.com/img/banner.png
Requested by
Host: support.seyarabata.com
URL: https://support.seyarabata.com/login
Protocol: H2
Security: TLS 1.3, AES_128_GCM
Server: 49.12.36.172, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.172.36.12.49.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu)
Resource Hash: 20df585de14f99c5ab1c7af90b6d7c9a608a1347a86c9463f91a82cf182a11f8

Request headers

Referer: https://support.seyarabata.com/login
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 03 Dec 2020 14:19:03 GMT
last-modified: Thu, 03 Dec 2020 14:11:59 GMT
server: nginx/1.18.0 (Ubuntu)
etag: "5fc8f22f-7f4"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 2036
expires: Sat, 02 Jan 2021 14:19:03 GMT

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun
object| ontransitionstart
object| ontransitioncancel
object| cookieStore
function| showDirectoryPicker
function| showOpenFilePicker
function| showSaveFilePicker
object| trustedTypes
boolean| crossOriginIsolated

2 Cookies

Domain/Path Name / Value
support.seyarabata.com/ Name: laravel_session
Value: eyJpdiI6InRiQU9aMkQ5RVQzMVprK3RFVVk0a3c9PSIsInZhbHVlIjoiU0FOdnl6eklkeGNZY0M0Y25Ockwxb3Q0UnBZeHJyWm5VRDFZempsN3BcL2RkXC8xQ2o0dmMyRWgyRWg0Y0pRbFFJeHNTcWcwRzZCWFltMzFIWW9RYThwQT09IiwibWFjIjoiNzEyMjQ0ZGFjNmNlYzhmYTQ2YTk0YzlhMzJkM2Y2ZTU3OGNmYTJhODViMjc3MWIzOGQ1MjMzNTc1Y2ZkNzA1YyJ9
support.seyarabata.com/ Name: XSRF-TOKEN
Value: eyJpdiI6IjgxZ3FtaGtvUU5NXC9hTWVVT1lCY3VnPT0iLCJ2YWx1ZSI6ImdWRkJkN3VUalIySzNZdjJHRUF6bGtsWmtUVUkraWhQT1hzclJJc3c4VGpKbmFzZ1VVXC9EXC9GaXVBSklsdnZ0NnVtemx3NFJFM095YVRiS0xiand1Smc9PSIsIm1hYyI6ImNjZmVkZjY4MDBjNzcyZGE0YWFmZmU5NGNiYjdiYWJlMmFiM2VjZjdmNmFmZDg2YmIxNTBkMWYxODg0N2JhZDAifQ%3D%3D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
