Submitted URL: http://casibom-amp.com/
Effective URL: https://casibom-amp.com/
Submission Tags: @phish_report
Submission: On October 30 via api from FI — Scanned from TR

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 188.114.97.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is casibom-amp.com.
TLS certificate: Issued by WE1 on October 29th 2024. Valid for: 3 months.
This is the only time casibom-amp.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 188.114.97.3 13335 (CLOUDFLAR...)
1 169.61.160.155 36351 (SOFTLAYER)
2 172.67.133.208 13335 (CLOUDFLAR...)
6 3
Apex Domain  Subdomains  Transfer
4  casibom-amp.com  casibom-amp.com  12 KB
2  casi-girisiler.com  casi-girisiler.com  16 KB
1  sabra.org.br  www.sabra.org.br  20 KB
6  3
Domain Requested by
4 casibom-amp.com 1 redirects casibom-amp.com
2 casi-girisiler.com casibom-amp.com
1 www.sabra.org.br casibom-amp.com
6 3

This site contains links to these domains.

Domain
casibom1128.com
Subject  Issuer  Validity  Valid
casibom-amp.com  WE1  2024-10-29 - 2025-01-27  3 months
mpontes.task.com.br  R10  2024-10-11 - 2025-01-09  3 months
casi-girisiler.com  WE1  2024-10-25 - 2025-01-23  3 months

This page contains 2 frames:

Primary Page: https://casibom-amp.com/
Frame ID: 0CD678841433982661066F9EBE2F982D
Requests: 4 HTTP requests in this frame

Frame: https://casibom-amp.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js
Frame ID: C4302BD20B64FA3011801E065AA0A928
Requests: 2 HTTP requests in this frame

Page Title

Casibom, Casibom Üyelik, Casibom Güncel Giriş Adresi

Page URL History

  1. http://casibom-amp.com/ HTTP 307
    https://casibom-amp.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Page Statistics

Requests: 6
HTTPS: 83 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 47 kB
Size: 58 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://casibom-amp.com/ HTTP 307
    https://casibom-amp.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://casibom-amp.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://casibom-amp.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js

6 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
casibom-amp.com/
Redirect Chain
  • http://casibom-amp.com/
  • https://casibom-amp.com/
15 KB
6 KB
Document
General
Full URL
https://casibom-amp.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f209299f7d56349fddb3232c62bb1f517f4869d4e0af75c4836d1c5dff43676

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8da732c1489e6956-IST
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 30 Oct 2024 00:13:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gaOsBu2gCMNc9iaGKQdb%2FQGhSBQ9I3UBAyabJgjUK8njILCLPVWbUlacPTT54fayx8I56b0kBj9bTQHB%2BAcYXKDtsZnvPvwhCsthwwzBoKsdZEumJhZS8kx8T70kd%2B7rEC0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=59291&sent=11&recv=10&lost=0&retrans=0&sent_bytes=4134&recv_bytes=4589&delivery_rate=347&cwnd=12000&unsent_bytes=0&cid=06429aa109881bdb&ts=214&x=1" cfExtPri cfHdrFlush;dur=0

Redirect headers

Location
https://casibom-amp.com/
Non-Authoritative-Reason
HttpsUpgrades
casibom-giris.webp
www.sabra.org.br/site/wp-content/uploads/
20 KB
20 KB
Image
General
Full URL
https://www.sabra.org.br/site/wp-content/uploads/casibom-giris.webp
Requested by
Host: casibom-amp.com
URL: https://casibom-amp.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
169.61.160.155 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
mpontes.task.com.br
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0dfed880eef16575b6e265122c096ed59a076bbb46082a3515b0957b5d884dd9

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://casibom-amp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

ETag
"4eb3-6243687bafdd5"
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
20147
Keep-Alive
timeout=5, max=100
Date
Wed, 30 Oct 2024 00:13:16 GMT
Last-Modified
Fri, 11 Oct 2024 17:08:04 GMT
Server
Apache/2.4.41 (Ubuntu)
casibom.png
casi-girisiler.com/
14 KB
15 KB
Image
General
Full URL
https://casi-girisiler.com/casibom.png
Requested by
Host: casibom-amp.com
URL: https://casibom-amp.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f00ac4e874d4f85d6abfc03c3968208ff3840594b794709bdda0f4fc383358bf

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://casibom-amp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

cf-cache-status
HIT
age
384901
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lsglMGHvl3oDS7wIUyqrYpLPGwIUuOh6BfWwxrz037%2FRKQD5j7GHKV7imNuPQgUvCv0WU92NWYgawi1HdkNTYDSTRfRc%2Btm%2Fg3iCR0tTVxIgXzp5ZWTl8DDMur%2F6II1HioO4SFk%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 13:18:13 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=41262&sent=6&recv=8&lost=0&retrans=0&sent_bytes=4026&recv_bytes=2401&delivery_rate=105365&cwnd=253&unsent_bytes=0&cid=a96b782519b6f361&ts=110&x=0"
date
Wed, 30 Oct 2024 00:13:14 GMT
content-type
image/png
last-modified
Sun, 20 Oct 2024 22:45:16 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da732c3ff980c77-SOF
accept-ranges
bytes
content-length
14558
ni-ray
cyqixktjbljoi85w-DNZ
server
cloudflare
main.js
casibom-amp.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/ Frame C430
Redirect Chain
  • https://casibom-amp.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://casibom-amp.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
8 KB
4 KB
Script
General
Full URL
https://casibom-amp.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
Requested by
Host: casibom-amp.com
URL: https://casibom-amp.com/
Protocol
H3
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
72b6618c9acb90d141cc689f35b823112f02b2184819e21fb5f5481603778612
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPJWYAqopF4djZlGJNpsa3op5NRk%2FRC%2FlYzIuxY%2FEkR1TFWZ4rXRX5wINHi7W7s7l7plpXmQipN%2F51PG4hxlfrw8tw%2BT04A9TMmTlPKgdq3RHV25TyT7RTqmtoX8M8m8fN4%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8da732c369a96956-IST
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=60847&sent=20&recv=15&lost=0&retrans=0&sent_bytes=10683&recv_bytes=5492&delivery_rate=10653&cwnd=12000&unsent_bytes=0&cid=06429aa109881bdb&ts=419&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 30 Oct 2024 00:13:14 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0

Redirect headers

cache-control
max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/f2bbd6738e15/main.js?
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BlI3NRMMJX5bNicDl7bIshOOhsd7fFPtJIFt9qUZ8B5tUzheP30JUIPykz4krmCIqy8Ub5MgpQMdmNx7gpLuIf3aO4vYnif0%2Fgfouf6uXpluvkC5btQUcdN6fZLPRl0xmNE%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da732c309766956-IST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
content-length
0
server-timing
cfL4;desc="?proto=QUIC&rtt=60523&sent=18&recv=14&lost=0&retrans=0&sent_bytes=9959&recv_bytes=5099&delivery_rate=104340&cwnd=12000&unsent_bytes=0&cid=06429aa109881bdb&ts=352&x=1", cfExtPri, cfHdrFlush;dur=0
date
Wed, 30 Oct 2024 00:13:14 GMT
vary
Accept-Encoding
server
cloudflare
priority
u=3,i=?0
8da732c1489e6956
casibom-amp.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame C430
0
1 KB
XHR
General
Full URL
https://casibom-amp.com/cdn-cgi/challenge-platform/h/g/jsd/r/8da732c1489e6956
Requested by
Host: casibom-amp.com
URL: https://casibom-amp.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua-platform
"Linux"
Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
Content-Type
application/json
sec-ch-ua-mobile
?0

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zA46Wdun9N9zMV%2BjZs8%2BBKTOcIkUIIJCJdHfuEBuj%2B%2FxWVJTfY7cmI2j7rkI5DsTbkKI36PRe%2Fc%2FYEkjYnpqGBR%2FMIed2XCw8S8SGBEs14B1cq3sZdp7Q%2F5prR6%2FjHGmzmY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8da732c46a266956-IST
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=61426&sent=28&recv=32&lost=0&retrans=0&sent_bytes=15333&recv_bytes=22796&delivery_rate=71972&cwnd=12000&unsent_bytes=0&cid=06429aa109881bdb&ts=585&x=1", cfExtPri, cfHdrFlush;dur=0
content-length
0
date
Wed, 30 Oct 2024 00:13:14 GMT
content-type
text/plain; charset=UTF-8
server
cloudflare
priority
u=1,i
icon-casibom.png
casi-girisiler.com/
895 B
1 KB
Other
General
Full URL
https://casi-girisiler.com/icon-casibom.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.133.208 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0119dbd5a37777107d7890bac6d2dd21a411d85304328f6f91919b55634bfc10

Request headers

sec-ch-ua-platform
"Linux"
Referer
https://casibom-amp.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
sec-ch-ua
"Chromium";v="130", "Google Chrome";v="130", "Not?A_Brand";v="99"
sec-ch-ua-mobile
?0

Response headers

cf-cache-status
HIT
age
384902
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1v23brLkX0glfiQLHxqPxtUEWbeiUQ5kPoOBL5%2BOI7%2B3J8AtPbc8NEq888gr%2FjjNpXaRJG6hV9irIl90o10dHgPEabJ5YxtCPhJ5Mgh5UOppC3wHgUj78MwIoyn%2FbfKbi304cxg%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 01 Nov 2024 13:18:14 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=TCP&rtt=41238&sent=20&recv=18&lost=0&retrans=0&sent_bytes=19557&recv_bytes=2497&delivery_rate=373670&cwnd=258&unsent_bytes=0&cid=a96b782519b6f361&ts=2295&x=0"
date
Wed, 30 Oct 2024 00:13:16 GMT
content-type
image/png
last-modified
Sun, 20 Oct 2024 22:41:35 GMT
vary
Accept-Encoding
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8da732d1ac2e0c77-SOF
accept-ranges
bytes
content-length
895
ni-ray
8fxxm6qbzx9m1uso-DNZ
server
cloudflare

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0

1 Cookies

Domain/Path Name / Value
.casibom-amp.com/ Name: cf_clearance
Value: Nc0HAfkyTHnmvFkuDOC2eRAiLYwnDcO3eYZMWxl1bk8-1730247194-1.2.1.1-r516.gQK1VJudn.Jeg1biJ7IgaG1XLAAMk7PQfFz8yUOtTW8CaIfdjoDKhb.i5rX2mQcQWQFY7OnG44wF9jiHH3F4Sxf3Ai3EtRDtBZo8H0F8TpHeltUiIwyO2xWVZiBkDYhqI64qUdDw2AfQprZCT0zpoDbcmRc0TsIiK63Zj7.8JcStnsFcBi5L6zgL1npXo.0zdsBkNCbcknqkOVN4cJHoayvn0OGOsVb1eLwPw8gWOuwTBidZOFXzYwhVXHVtsgeUbm4n.fZ9nMW6PHC9JCBL9eUEKcWJvIhG89cacr0VA7Q39HmjTvS1xn_JQb54GhM5ejg_0DR7tNJGEoATbyDB8xc8AvmQ3Rv0tUdcFmEPfldA4I6n5SeeDVFaVvH