meta-support-appeal.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c56 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://meta-support-appeal.pages.dev/
Submission: On March 12 via manual (March 12th 2024, 4:13:36 pm UTC) from US — Scanned from DE

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 2 countries across 2 domains to perform 15 HTTP transactions. The main IP is 2606:4700:310c::ac42:2c56, located in United States and belongs to CLOUDFLARENET, US. The main domain is meta-support-appeal.pages.dev.
TLS certificate: Issued by GTS CA 1P5 on March 1st 2024. Valid for: 3 months.

This is the only time meta-support-appeal.pages.dev was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
12	2606:4700:310... 2606:4700:310c::ac42:2c56	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
15	3

12 2606:4700:310c::ac42:2c56 (United States)

ASN13335 (CLOUDFLARENET, US)

meta-support-appeal.pages.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	pages.dev meta-support-appeal.pages.dev	1 MB
3	gstatic.com www.gstatic.com fonts.gstatic.com	2 MB
15	2

	Domain	Requested by
12	meta-support-appeal.pages.dev	meta-support-appeal.pages.dev
2	www.gstatic.com	meta-support-appeal.pages.dev www.gstatic.com
1	fonts.gstatic.com	meta-support-appeal.pages.dev
15	3

This site contains no links.

Subject Issuer	Validity	Valid
meta-support-appeal.pages.dev GTS CA 1P5	`2024-03-01` - `2024-05-30`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://meta-support-appeal.pages.dev/
Frame ID: 97FCA962A6D28012C5EF075E5DC892A6
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Facebook

Page Statistics

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

2697 kB
Transfer

8353 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
meta-support-appeal.pages.dev/ 2 KB
1 KB 244ms
144ms Document
text/html 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11086b26927bd36e4881ba9ef7b02ffc5523440a206f6b2235bdfa13c9bf8339

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=0, must-revalidate
cf-ray: 8635126fb8259bfb-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 12 Mar 2024 16:13:31 GMT
etag: W/"3c8abbb10cbc847f1a11638b24322705"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: strict-origin-when-cross-origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2Wnw9WsGnHwWBpAJe2ppecI6J%2BQLcPQi%2FNfQbtluA9py89daW%2FK6X%2BsmR6ir9oMJm14AOvXGVExRhJQDgZdWWxOLeahkmjzkxzGJwnEqphsDCZjQw3%2BolMDrSpm7PGL0BycJpP%2BaEt7sYw2aAe%2BA7RFOwzpIrzn5aLwR%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff

GET
H2 200 flutter.js Show response
meta-support-appeal.pages.dev/ 14 KB
4 KB 117ms
117ms Script
application/javascript 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/flutter.js

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b706f51b33636a563d519b041919b521c54b58c62f12364a0c3f3cfcb92fd5a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:31 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"8d0830cd4deefca91a09b7bb05eae2bc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZPMP33n0ReVPALB6bZyZMNQRvu7bmtbzdQKsdCnG%2BElyZwmvmUhJGWH%2Bhwny4HN%2F0SYGQn4yMFcPiP1T%2F7P8g%2FD06UWoxRmL9D2MS0QuKiq4UIlig5pMf00PODGknwfqlKhaWmz2kPmhIPcBl1M%2F61%2B0IT3tO8ons%2BDCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86351270a9c39bfb-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 main.dart.js Show response
meta-support-appeal.pages.dev/ 2 MB
661 KB 86ms
86ms Script
application/javascript 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/main.dart.js

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/flutter.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2535f324182886f42c2963a61be66bd860e752b8067ceb5ecabdf688038aa52

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:32 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"38a1305812121721c52c134165a53fcc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBjlrfWQGUcpMaKMjSnbAkBLN7fUIa3f9SbMfs7EkiY7ZE0QfdwVuIW4iG5unYXeHv8wMrHK31rnkLU2uDds6BeLHjFle0yyUrtAbZ5WnyKRqtBSmn15KGuqn5cYRa46IXx5Jw7wtvo4fWXPhIWmTAWBtTVIXv17ftz3Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8635127788043aa0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 canvaskit.js Show response
www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/ 92 KB
26 KB 126ms
40ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/canvaskit.js

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b920d79f9c5eb273a28bd5aa3d55569d6476fe373cedc6b7b564c365bacd580f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 05:09:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39814
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25868
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 05:09:59 GMT

GET
H3 200 FontManifest.json Show response
meta-support-appeal.pages.dev/assets/ 336 B
660 B 78ms
77ms Fetch
application/json 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/FontManifest.json

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c0d82efde4b1601e153ca5a0749f48f523f1695ac23599deccd4caaa895c783

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"046e1011f784246699ebfbcccc8f684f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnmZKXd8QSLX7I1CNajIwcT%2BLKKWgHGxCoTF1R6Du0N0bPsTEKV%2BnGBJIBjYXqoofZF2U9l7Gu5Bhryof7zJ4PgYNwK2XswmPOO9XqRcIxok%2FEQMWurBT9hCDjzn%2Bz2QPR5CuG3jUlhRuAczr3snh0jYuc32KkjoeaxOsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 863512794aac3aa0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 MaterialIcons-Regular.otf Show response
meta-support-appeal.pages.dev/assets/fonts/ 7 KB
4 KB 129ms
129ms Fetch
font/otf 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/fonts/MaterialIcons-Regular.otf

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

556d796630ee4198108e492802f1e5a6e0ac50ca7616e8975a2f46bea742a20a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5a0e1c022f2d797af3a45a75d7c1b812"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=31DnrSpNRcotkvVLXAP5VnGH30sL2QcjkCzaPtN0NTAwtUTXqi0FFAt88mykIVCWZxSdOzPEYcqXi%2FdFN96myWWmanTfQlWzRznxpISbPZ8M9ELhr4vWEcUsnY%2BC7ZeI2D7zCkBTfiMK%2Bazlerk3Ih7DHDfyXlE9ycqXOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/otf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86351279cb853aa0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Helvetica.ttf Show response
meta-support-appeal.pages.dev/assets/fonts/ 311 KB
138 KB 126ms
126ms Fetch
font/ttf 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/fonts/Helvetica.ttf

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f865ddf37549ae44630b13a501f813086e2ae974adc86b97337cd9ee4b1e4ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ae045ad90e3d66ace72688f293475708"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y3dRLxm0pC2a%2FdbVl6ifmfpn0p3QVWOwYuS6PujMeAW3SR3ZLeU%2BB3HYq0FHoW49ZNZ6dPh%2BJyjtHYt%2BrQX9IzvKVrYplcn2gtaO9CLc3Thkq5nzXEcyMurPgOGxmC6JA3lply7YS%2FjyAqwv2z8dwz8Q9ZvL2HWbnTEzLA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86351279cb883aa0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 Helvetica-Bold.ttf Show response
meta-support-appeal.pages.dev/assets/fonts/ 301 KB
148 KB 121ms
120ms Fetch
font/ttf 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/fonts/Helvetica-Bold.ttf

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05291f9de00325c3a3f1acdf9a35a8ce4b4fd7d32394482ebb1699ba7ac73ed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"0df9fd4e3675ae34b7bba5385035511c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sp0ZDZ0ccJnQO4IdH7U8vZBtxjuvmXir50LAHl1UFG7R7LLH8ZAnSzq7PLmLIqrwzAvwql4s%2FrHhGHbx9Fp6mh%2Fq6%2BSWtbgs%2BefKy1yRHctbSkc%2FTu%2FAckcGFNrE%2BqTlKZkN%2FoeGV3dajFtI%2BcZU3lDwLcpOaz0vT6eACg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86351279cb893aa0-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 CupertinoIcons.ttf Show response
meta-support-appeal.pages.dev/assets/packages/cupertino_icons/assets/ 1 KB
1 KB 81ms
81ms Fetch
font/ttf 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/packages/cupertino_icons/assets/CupertinoIcons.ttf

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
content-encoding: br
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3aefba098b3801b069534d334f2e470a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hQiM%2FVc8d9%2F0Arh5BSg6IsX8EBqDUuwV%2B4mXudJam3bBxyLfWWN3UdXX1Hg8Kuu%2FQbMAw0Js1CNtua8HsAFP7PydJm%2F4v%2Fu2HaIhZ%2B%2BNS5GRfjnHVXKTkVUVUbf3UPfexTfxC15%2Bg7%2BxxC4B8pczrN3vZVXsGAqteKoLhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 86351279cb8c3aa0-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf Show response
fonts.gstatic.com/s/roboto/v20/ 167 KB
90 KB 125ms
40ms Fetch
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 09:10:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25389
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 91230
x-xss-protection: 0
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Mar 2025 09:10:24 GMT

GET
H3 200 canvaskit.wasm Show response
www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/ 5 MB
1 MB 123ms
42ms Fetch
application/wasm 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/canvaskit.wasm

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/canvaskit.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99c17b96de568740e7a2b67172d4587475ea03ddd60eb491f99317f052ad2b80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 06:43:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34181
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/flutter-team
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1489686
x-xss-protection: 0
last-modified: Tue, 22 Aug 2023 21:43:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="flutter-team"
vary: Accept-Encoding
report-to: {"group":"flutter-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/flutter-team"}]}
content-type: application/wasm
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Mar 2025 06:43:52 GMT

GET
H3 200 AssetManifest.bin Show response
meta-support-appeal.pages.dev/assets/ 27 KB
28 KB 121ms
120ms Fetch
application/octet-stream 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/AssetManifest.bin

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

153ca6153940b06cce4bd742eaf65f10fc9de35fea53edbf143aae285db12c1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "b182459345a0ca74fcd5ea249821a83b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BlUz3fa4Njaz1%2BnfjtRlgg3WNIhZX3fsMdLixebShEbMpWw%2Bega5ZHMbjTkQLdlQkHY%2FVeplVm%2FvTrRHZvYR6PqBAMAdI4VZINnyxhunzH62SnCHILSn8%2F6uJp4fh2Gr7aTjZwd%2BmLAhR9j%2FxUXQzudrZcBv7EGiqUl52Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8635127cefdb3aa0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 28132

GET
H3 200 img.jpg Show response
meta-support-appeal.pages.dev/assets/assets/ 93 KB
93 KB 108ms
108ms Fetch
image/jpeg 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/assets/img.jpg

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84ba5c39b38b4ee9e4612c9208165b2dc6babca41339ccfa3de9ca3db371206e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c39518de593e64cd09241a7544dcc861"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nBGjtmxR9Wmn6lDUZB5VwC8ppvtWOdabjx0rXY3ObJ8Smq86TffuFLYkfunqhnsPC9nlkuI2ZkpjtKCgFzqZg%2BJ8Cwz7%2F9Vpl%2BZX9Gl%2FnFdyS8FF3LR11GSgLn5JutAAG2ljS%2BpU59tYDpsPPt5AWyxszCfthBd5CL9zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8635127eba8e3aa0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 95052

GET
H3 200 metaForBsns.png Show response
meta-support-appeal.pages.dev/assets/assets/images/ 44 KB
44 KB 106ms
106ms Fetch
image/png 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/assets/images/metaForBsns.png

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd84251db00dbc31e05ad0685e01123bebfa9c6b338e3feff89f171d4940c8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "4daec1c3e6aada08d645511ca044ff01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oLqtYDttyGRXZgO9sHC5vKdI4Ra13k1loFdNVcvBdfMj%2FwhtPDZ%2F1CeQVF50o3%2BwfoKTyB9amD63PhoSBx7%2FvaW52q%2BsWoRePFSvlSzjamfQQyg1h6bLvR4HB7Yx7Wuir%2FggDelMUncb7YDmGq19EwEzVd3dRLV8buxazg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8635127eba923aa0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 44556

GET
H3 200 captcha.png Show response
meta-support-appeal.pages.dev/assets/assets/ 2 KB
2 KB 102ms
102ms Fetch
image/png 2606:4700:310c::ac42:2c56
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://meta-support-appeal.pages.dev/assets/assets/captcha.png

Requested by

Host: meta-support-appeal.pages.dev
URL: https://meta-support-appeal.pages.dev/main.dart.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:310c::ac42:2c56 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

348b5977322716d93c106aafdeedfed62b1cb5f3243b05bf31e5b739d1698fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://meta-support-appeal.pages.dev/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 12 Mar 2024 16:13:33 GMT
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "146b45a4b9a163a4311bb3d0661fa63a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XC4wtgX5%2BcWZZb3Vjq7SiYu5UeyHnE8geckVSOVfoCkwU7Ubf8HGZljOoVRvgYkOsq0f9M1aPNnumy9pO9L8CA3Gby0Dn9ZKK6pyhH%2BYYgTZPTwiEvdOwqtZqT84OvXBsXWByuWgS07gtP0imvo5oo5EN8hN3E4puBFpaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
cf-ray: 8635127eba943aa0-FRA
alt-svc: h3=":443"; ma=86400
content-length: 1623

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _flutter function| CanvasKitInit object| flutterCanvasKit

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/canvaskit.js(Line 130) Message: WebGL: this extension has very low support on mobile devices; do not rely on it for rendering effects: WEBGL_polygon_mode

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
meta-support-appeal.pages.dev
www.gstatic.com
2606:4700:310c::ac42:2c56
2a00:1450:4001:80b::2003
2a00:1450:4001:811::2003
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
05291f9de00325c3a3f1acdf9a35a8ce4b4fd7d32394482ebb1699ba7ac73ed5
11086b26927bd36e4881ba9ef7b02ffc5523440a206f6b2235bdfa13c9bf8339
153ca6153940b06cce4bd742eaf65f10fc9de35fea53edbf143aae285db12c1f
1c0d82efde4b1601e153ca5a0749f48f523f1695ac23599deccd4caaa895c783
348b5977322716d93c106aafdeedfed62b1cb5f3243b05bf31e5b739d1698fd3
556d796630ee4198108e492802f1e5a6e0ac50ca7616e8975a2f46bea742a20a
5f865ddf37549ae44630b13a501f813086e2ae974adc86b97337cd9ee4b1e4ff
84ba5c39b38b4ee9e4612c9208165b2dc6babca41339ccfa3de9ca3db371206e
99c17b96de568740e7a2b67172d4587475ea03ddd60eb491f99317f052ad2b80
b2535f324182886f42c2963a61be66bd860e752b8067ceb5ecabdf688038aa52
b706f51b33636a563d519b041919b521c54b58c62f12364a0c3f3cfcb92fd5a3
b920d79f9c5eb273a28bd5aa3d55569d6476fe373cedc6b7b564c365bacd580f
bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531
dd84251db00dbc31e05ad0685e01123bebfa9c6b338e3feff89f171d4940c8e0

meta-support-appeal.pages.dev Open in urlscan Pro 2606:4700:310c::ac42:2c56 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

15 Requests

100 %HTTPS

100 %IPv6

2 Domains

3 Subdomains

3 IPs

2 Countries

2697 kBTransfer

8353 kBSize

0 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

3 JavaScript Global Variables

0 Cookies

1 Console Messages

Security Headers

Indicators

meta-support-appeal.pages.dev Open in urlscan Pro
2606:4700:310c::ac42:2c56 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

3
Subdomains

3
IPs

2
Countries

2697 kB
Transfer

8353 kB
Size

0
Cookies

15 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!