help-center.casehelppagecastoebi.com
Open in
urlscan Pro
2606:4700:3033::6815:33cf
Malicious Activity!
Public Scan
Effective URL: https://help-center.casehelppagecastoebi.com/
Submission: On December 25 via api from US — Scanned from US
Summary
TLS certificate: Issued by GTS CA 1P5 on December 5th 2023. Valid for: 3 months.
This is the only time help-center.casehelppagecastoebi.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 193.84.85.178 193.84.85.178 | 59796 (STORMWALL-AS) (STORMWALL-AS) | |
11 | 2606:4700:303... 2606:4700:3033::6815:33cf | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 104.237.62.212 104.237.62.212 | 18450 (WEBNX) (WEBNX) | |
1 | 2606:4700:303... 2606:4700:3036::ac43:a84f | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
13 | 4 |
ASN13335 (CLOUDFLARENET, US)
help-center.casehelppagecastoebi.com | |
gbi-graph.casehelppagecastoebi.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
casehelppagecastoebi.com
help-center.casehelppagecastoebi.com gbi-graph.casehelppagecastoebi.com |
355 KB |
1 |
freeipapi.com
freeipapi.com — Cisco Umbrella Rank: 103443 |
744 B |
1 |
ipify.org
api.ipify.org — Cisco Umbrella Rank: 2843 |
222 B |
1 |
s.id
1 redirects
s.id — Cisco Umbrella Rank: 135548 |
153 B |
13 | 4 |
Domain | Requested by | |
---|---|---|
7 | help-center.casehelppagecastoebi.com |
help-center.casehelppagecastoebi.com
|
4 | gbi-graph.casehelppagecastoebi.com |
help-center.casehelppagecastoebi.com
|
1 | freeipapi.com |
help-center.casehelppagecastoebi.com
|
1 | api.ipify.org |
help-center.casehelppagecastoebi.com
|
1 | s.id | 1 redirects |
13 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
casehelppagecastoebi.com GTS CA 1P5 |
2023-12-05 - 2024-03-04 |
3 months | crt.sh |
*.ipify.org Sectigo RSA Domain Validation Secure Server CA |
2023-02-07 - 2024-02-18 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-02-20 - 2024-02-20 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://help-center.casehelppagecastoebi.com/
Frame ID: 5C11453BC4D437D9A835AF4DC9F620B5
Requests: 15 HTTP requests in this frame
Screenshot
Page Title
Select issuePage URL History Show full URLs
-
https://s.id/businesssupportcontacthome
HTTP 302
https://help-center.casehelppagecastoebi.com/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://s.id/businesssupportcontacthome
HTTP 302
https://help-center.casehelppagecastoebi.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
help-center.casehelppagecastoebi.com/ Redirect Chain
|
755 B 816 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.cb5b66d4.js
help-center.casehelppagecastoebi.com/static/js/ |
671 KB 200 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.559be99d.css
help-center.casehelppagecastoebi.com/static/css/ |
55 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
roboto-latin-400-normal.b009a76ad6afe4ebd301.woff2
help-center.casehelppagecastoebi.com/static/media/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
266 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
21 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
roboto-latin-500-normal.f25d774ecfe0996f8eb5.woff2
help-center.casehelppagecastoebi.com/static/media/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
roboto-latin-700-normal.227c93190fe7f82de3f8.woff2
help-center.casehelppagecastoebi.com/static/media/ |
15 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
gbi-graph.casehelppagecastoebi.com/graphql/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
gbi-graph.casehelppagecastoebi.com/graphql/ |
97 B 524 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
api.ipify.org/ |
22 B 222 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
651 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
420 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
background-289d99b2.1a04d13ed075a5eb588b.jpg
help-center.casehelppagecastoebi.com/static/media/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
38.132.118.77
freeipapi.com/api/json/ |
287 B 744 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
gbi-graph.casehelppagecastoebi.com/graphql/ |
0 0 |
Preflight
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
gbi-graph.casehelppagecastoebi.com/graphql/ |
79 B 726 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)3 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| documentPictureInPicture object| webpackChunksupport object| __APOLLO_CLIENT__0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.ipify.org
freeipapi.com
gbi-graph.casehelppagecastoebi.com
help-center.casehelppagecastoebi.com
s.id
104.237.62.212
193.84.85.178
2606:4700:3033::6815:33cf
2606:4700:3036::ac43:a84f
1c3d7c5ed04c782e6edfb8a04b09d3b3e688adffbdae3c4d724fd4d477f48c7b
2323918c968f88f7824d1391806958de07015a04ff7771b6999119924136b2ff
289d99b21fae145c868238c0c499dcf8e84bea445b63e47e3406acfe98e20a34
3160aae201d186404dba0b25e37a985b3f4571bbad4fe323f0fa59210cda58ce
517707f27319930dfa60f3711b78686a2d7ff502605dba3ff17a487b710238b6
662294921ca6240beb0f2aecb7f7ac23dd085b782bbe52a369b20226d26afe33
8ada7d0eb6d126e6d3c019476ce390fbae728af55127e13360bc0e5c70f5aacf
9ed687f9d6ed427a2a0c3dc6bc8d6b93a88125b8549743a594180a50df04dafe
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
d96115050f54fd0c168f20fb496755ce4a6857a57446dbdad9310bfc1d79fcb8
dcdfccc2fa2b5e7fff67768f4221920d0f5b6a5b89f8e8b4b15ec397f71b68f2
dd2c0e16a119bfb2410be38d103adb202d97c11939978af6d5fded4c2b5c705d
e637775dff1cbd38ee06d523f6c01fc073272e75ef1b0612dc90d9d712845e63
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615