![](/screenshots/fb63c96f-3da3-4079-ab5e-75f86a3ac971.png)
business.helpcaseappeal.com
Open in
urlscan Pro
2606:4700:3031::6815:4d3e
Malicious Activity!
Public Scan
Submission: On April 08 via manual from ZA — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2024. Valid for: 3 months.
This is the only time business.helpcaseappeal.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
3 | 2606:4700:303... 2606:4700:3031::6815:4d3e | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a00:1450:400... 2a00:1450:4001:829::200a | 15169 (GOOGLE) (GOOGLE) | |
1 | 104.16.86.20 104.16.86.20 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 172.67.204.220 172.67.204.220 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3 | 32934 (FACEBOOK) (FACEBOOK) | |
7 | 6 |
ASN13335 (CLOUDFLARENET, US)
business.helpcaseappeal.com |
ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
helpcaseappeal.com
business.helpcaseappeal.com |
440 KB |
1 |
fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 945 |
5 KB |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 332 |
24 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38 |
1 KB |
7 | 4 |
Domain | Requested by | |
---|---|---|
4 | business.helpcaseappeal.com |
business.helpcaseappeal.com
|
1 | static.xx.fbcdn.net | |
1 | cdn.jsdelivr.net |
business.helpcaseappeal.com
|
1 | fonts.googleapis.com |
business.helpcaseappeal.com
|
7 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
helpcaseappeal.com GTS CA 1P5 |
2024-03-22 - 2024-06-20 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-03-04 - 2024-05-27 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2024-01-16 - 2024-04-15 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://business.helpcaseappeal.com/contact/7390302561325514
Frame ID: 31695DCF0FC352C6EC34696906EAD227
Requests: 8 HTTP requests in this frame
Screenshot
![](/screenshots/fb63c96f-3da3-4079-ab5e-75f86a3ac971.png)
Page Title
Business Help Center | Privacy PolicyDetected technologies
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Google Font API.png)
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Detected patterns
- <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
- //cdn\.jsdelivr\.net/
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
7390302561325514
business.helpcaseappeal.com/contact/ |
1 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
11 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ |
152 KB 24 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.5223d173.js
business.helpcaseappeal.com/static/js/ |
875 KB 272 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.5910d73b.css
business.helpcaseappeal.com/static/css/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
waring-03.7d77588f436c6958b86c.webp
business.helpcaseappeal.com/static/media/ |
162 KB 163 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
3 KB 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hLRJ1GG_y0J.ico
static.xx.fbcdn.net/rsrc.php/yb/r/ |
4 KB 5 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
business.helpcaseappeal.com
cdn.jsdelivr.net
fonts.googleapis.com
static.xx.fbcdn.net
104.16.86.20
172.67.204.220
2606:4700:3031::6815:4d3e
2a00:1450:4001:829::200a
2a03:2880:f084:105:face:b00c:0:3
007a9dc58c1d16b86a707baf2b5ad26fa9c2b54418e16b2971a458a8bb5c85dd
037f779428d267e79eeadedbf9a480d84e2955b0f079bfc53e6f3143226bdc53
59031fbe9c55f4bb1626065b56161ab7bdd3ae68912586f6f0e9735cc4badb64
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
7c7225ba94ce013c4ade6fb9fc5c32140d0d09fad01e8764fdcfe45c264ae36b
7de33b8253d72fb345a70c77dce2f1885ad41a2388519a608692558dcdf92ad7
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
e3b3795e0b0ef3455838cdf632abd476a73a03241e43a19d881b461044ddd0a3