urlscan.io logo urlscan.io
SecurityTrails logo

business.helpcaseappeal.com Open in urlscan Pro
2606:4700:3031::6815:4d3e  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: https://business.helpcaseappeal.com/contact/7390302561325514
Submission: On April 08 via manual from ZA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 7 HTTP transactions. The main IP is 2606:4700:3031::6815:4d3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is business.helpcaseappeal.com.
TLS certificate: Issued by GTS CA 1P5 on March 22nd 2024. Valid for: 3 months.
This is the only time business.helpcaseappeal.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.16.86.20 13335 (CLOUDFLAR...)
1 172.67.204.220 13335 (CLOUDFLAR...)
1 2a03:2880:f08... 32934 (FACEBOOK)
7 6
3    2606:4700:3031::6815:4d3e (United States)

ASN13335 (CLOUDFLARENET, US)
business.helpcaseappeal.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    104.16.86.20 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    172.67.204.220 (United States)

ASN13335 (CLOUDFLARENET, US)
business.helpcaseappeal.com
1    2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
static.xx.fbcdn.net
Apex Domain
Subdomains		 Transfer
4 helpcaseappeal.com
business.helpcaseappeal.com
440 KB
1 fbcdn.net
static.xx.fbcdn.net — Cisco Umbrella Rank: 945
5 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 332
24 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 38
1 KB
7 4
Domain Requested by
4 business.helpcaseappeal.com business.helpcaseappeal.com
1 static.xx.fbcdn.net
1 cdn.jsdelivr.net business.helpcaseappeal.com
1 fonts.googleapis.com business.helpcaseappeal.com
7 4

This site contains no links.

Subject Issuer Validity Valid
helpcaseappeal.com
GTS CA 1P5		 2024-03-22 -
2024-06-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-04 -
2024-05-27		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-02 -
2024-05-01		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-01-16 -
2024-04-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://business.helpcaseappeal.com/contact/7390302561325514
Frame ID: 31695DCF0FC352C6EC34696906EAD227
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Business Help Center | Privacy Policy

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Page Statistics

7
Requests

100 %
HTTPS

60 %
IPv6

4
Domains

4
Subdomains

6
IPs

3
Countries

471 kB
Transfer

1225 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

7 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request 7390302561325514
business.helpcaseappeal.com/contact/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://business.helpcaseappeal.com/contact/7390302561325514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c7225ba94ce013c4ade6fb9fc5c32140d0d09fad01e8764fdcfe45c264ae36b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language
de-DE,de;q=0.9
sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8710ef9f28b13cb1-CDG
content-encoding
br
content-type
text/html
date
Mon, 08 Apr 2024 08:37:32 GMT
last-modified
Thu, 28 Mar 2024 06:16:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2vHW6KRN49uczgOjGCRxrr00Fpxgxz1lei1MbeSW1Sqyk70jls2hlQAL47fqD6x4w10yIZbENSlIWUGMH9dNgYHMJDwwbuO1a9CWWKxpAjtIVFRdANU08xiQT1eYto%2BPe2J1F%2FMc%2BX%2F7eNsMGVXQ%2Fhx2Hlx4vwF82k%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,700&display=swap
Requested by
Host: business.helpcaseappeal.com
URL: https://business.helpcaseappeal.com/contact/7390302561325514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59031fbe9c55f4bb1626065b56161ab7bdd3ae68912586f6f0e9735cc4badb64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://business.helpcaseappeal.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 08 Apr 2024 08:37:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 08 Apr 2024 08:37:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 08 Apr 2024 08:37:32 GMT
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 		152 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css
Requested by
Host: business.helpcaseappeal.com
URL: https://business.helpcaseappeal.com/contact/7390302561325514
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.16.86.20 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://business.helpcaseappeal.com/
Origin
https://business.helpcaseappeal.com
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:37:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
2217292
x-jsd-version
5.0.2
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230097-FRA, cache-lga21934-LGA
x-jsd-version-type
version
server
cloudflare
etag
W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dOWU23Be1GsooSturqWjez9rRDAWo60uYETVEHUZa2aszQu%2BmR23QFCqAWqJbnnvY7hteQGrWcwrG5DOT1kAbcDtIerHt%2FgZrSC%2Bdaegg2Sw3%2BsZVFSUDhcMoN%2F23FBL%2BWE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
8710ef9f8c5c3686-FRA
main.5223d173.js
business.helpcaseappeal.com/static/js/ 		875 KB
272 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://business.helpcaseappeal.com/static/js/main.5223d173.js
Requested by
Host: business.helpcaseappeal.com
URL: https://business.helpcaseappeal.com/contact/7390302561325514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b3795e0b0ef3455838cdf632abd476a73a03241e43a19d881b461044ddd0a3

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://business.helpcaseappeal.com/contact/7390302561325514
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2024 06:16:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5499
etag
W/"66050b47-daae0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bCFrtRoaJPZvR0YkV1VzY2Ll7f37gTa4nfunCUYHkaX9jnihDK1a2Ly8eM97yfx9UvNGp%2FtROXrf6e2uy0Hn9m5GYwuMQqQ7VhgIwvsQKBSzcThUWXnI4N7xmWvsnvuaLVNLZINjj%2FRzXJ4n2f8zeyc54oV5Lc9dlbg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8710ef9f99193cb1-CDG
alt-svc
h3=":443"; ma=86400
main.5910d73b.css
business.helpcaseappeal.com/static/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://business.helpcaseappeal.com/static/css/main.5910d73b.css
Requested by
Host: business.helpcaseappeal.com
URL: https://business.helpcaseappeal.com/contact/7390302561325514
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::6815:4d3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
037f779428d267e79eeadedbf9a480d84e2955b0f079bfc53e6f3143226bdc53

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://business.helpcaseappeal.com/contact/7390302561325514
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:37:32 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2024 06:16:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5499
etag
W/"66050b47-3f1f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eJel%2Bj2kWR1AJ6R9LG7EaSQD8YpISwfP8OjjXCvteg6eGaqB8pGnYD2BNHg9lVcj1k1ju5dZw%2BrEHuiZkznjMHtOyIlp9SrHLxfpPaoIE%2Bsg4jxvvpTinX2m6EwizY8KQkU3Ch6DAXvGPRTENe1ITSs82kErWfjLhuE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8710ef9f89073cb1-CDG
alt-svc
h3=":443"; ma=86400
waring-03.7d77588f436c6958b86c.webp
business.helpcaseappeal.com/static/media/ 		162 KB
163 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://business.helpcaseappeal.com/static/media/waring-03.7d77588f436c6958b86c.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.204.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7de33b8253d72fb345a70c77dce2f1885ad41a2388519a608692558dcdf92ad7

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://business.helpcaseappeal.com/contact/7390302561325514
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:37:32 GMT
cf-cache-status
HIT
last-modified
Thu, 28 Mar 2024 06:16:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5497
etag
"66050b47-2889a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FhDGBkWTOQ3YAaGH1mf1FJWVUS06DjJ6r5H36rjap2AePYt3YyJGFz671a6ui2I1rLSkc%2B7k9s9Q2XnTIwJHtl9CPswUNZ%2BDoHuPOj5uIGTwobUo9SjinaNI43uobf0h%2Baqkf4%2BPByCYN4Cmj0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8710efa08b032a64-CDG
alt-svc
h3=":443"; ma=86400
content-length
166042
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
007a9dc58c1d16b86a707baf2b5ad26fa9c2b54418e16b2971a458a8bb5c85dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
hLRJ1GG_y0J.ico
static.xx.fbcdn.net/rsrc.php/yb/r/ 		4 KB
5 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://static.xx.fbcdn.net/rsrc.php/yb/r/hLRJ1GG_y0J.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
89676a3fb8639d6531c525e5800ff4cc44d06d27ff5607922d27e390eb5b6e62
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer
https://business.helpcaseappeal.com/
accept-language
de-DE,de;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 08 Apr 2024 08:37:32 GMT
x-content-type-options
nosniff
content-md5
jN3KQn2um5Jec0MvhzPgWg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4286
reporting-endpoints
permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=5, rtx=0, c=12, mss=1326, tbw=2807, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
3g4a+w7B90M8rCgLVC4tX8cZjZWiKm0tbCrkmcGpTpvL0H11HLFUsEqSH9v7isOF9DdRXSlsHpFMWiMgUUSxKA==
last-modified
Mon, 01 Jan 2001 08:00:00 GMT
report-to
{"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 05 Apr 2025 04:29:53 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies