resolvewithmeta.com Open in urlscan Pro
192.64.117.203 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://405160.seu2.cleverreach.com/c/99266267/0a256ff41-skd2kk
Effective URL:
https://resolvewithmeta.com/restrict/
Submission: On September 25 via manual (September 25th 2024, 9:58:13 am UTC) from IE — Scanned from US

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 3 IPs in 3 countries across 4 domains to perform 10 HTTP transactions. The main IP is 192.64.117.203, located in United States and belongs to NAMECHEAP-NET, US. The main domain is resolvewithmeta.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on September 23rd 2024. Valid for: a year.

This is the only time resolvewithmeta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	18.202.181.250 18.202.181.250	16509 (AMAZON-02) (AMAZON-02)
1 5	192.64.117.203 192.64.117.203	22612 (NAMECHEAP...) (NAMECHEAP-NET)
2	2606:4700:20:... 2606:4700:20::681a:92c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	146.70.81.214 146.70.81.214	9009 (M247) (M247)
10	3

1 18.202.181.250 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-181-250.eu-west-1.compute.amazonaws.com

405160.seu2.cleverreach.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.64.117.203 (United States) 1 redirects

ASN22612 (NAMECHEAP-NET, US)
PTR: server304-3.web-hosting.com

resolvewithmeta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:92c (United States)

ASN13335 (CLOUDFLARENET, US)

ipapi.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 146.70.81.214 (Vienna, Austria)

ASN9009 (M247, RO)

shell.anotherlevel.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	resolvewithmeta.com 1 redirects resolvewithmeta.com	184 KB
4	anotherlevel.app shell.anotherlevel.app	828 B
2	ipapi.co ipapi.co — Cisco Umbrella Rank: 17393	2 KB
1	cleverreach.com 1 redirects 405160.seu2.cleverreach.com	882 B
10	4

	Domain	Requested by
5	resolvewithmeta.com	1 redirects resolvewithmeta.com
4	shell.anotherlevel.app	resolvewithmeta.com
2	ipapi.co	resolvewithmeta.com
1	405160.seu2.cleverreach.com	1 redirects
10	4

This site contains no links.

Subject Issuer	Validity	Valid
resolvewithmeta.com Sectigo RSA Domain Validation Secure Server CA	`2024-09-23` - `2025-09-23`	a year	crt.sh
ipapi.co WE1	`2024-09-02` - `2024-12-01`	3 months	crt.sh
shell.anotherlevel.app E6	`2024-08-11` - `2024-11-09`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://resolvewithmeta.com/restrict/
Frame ID: 1589FA564F23AA6CC7C5FA324B336D8C
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Case Appeal | Meta

Page URL History Show full URLs

https://405160.seu2.cleverreach.com/c/99266267/0a256ff41-skd2kk HTTP 302
https://resolvewithmeta.com/restrict HTTP 301
https://resolvewithmeta.com/restrict/ Page URL

Page Statistics

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

185 kB
Transfer

568 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://405160.seu2.cleverreach.com/c/99266267/0a256ff41-skd2kk HTTP 302
https://resolvewithmeta.com/restrict HTTP 301
https://resolvewithmeta.com/restrict/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
resolvewithmeta.com/restrict/
Redirect Chain

https://405160.seu2.cleverreach.com/c/99266267/0a256ff41-skd2kk
https://resolvewithmeta.com/restrict
https://resolvewithmeta.com/restrict/

963 B
521 B

101ms
100ms

Document
text/html

192.64.117.203
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://resolvewithmeta.com/restrict/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.203 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server304-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: a80929578d0773a36981a5a1673ced8a148933cf27b3b4fbd790223a09f05302

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-encoding: br
content-length: 355
content-type: text/html
date: Wed, 25 Sep 2024 09:58:06 GMT
last-modified: Wed, 18 Sep 2024 23:08:30 GMT
server: LiteSpeed
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

Redirect headers

content-length: 795
content-type: text/html
date: Wed, 25 Sep 2024 09:58:06 GMT
location: https://resolvewithmeta.com/restrict/
server: LiteSpeed
x-turbo-charged-by: LiteSpeed

GET
H2 200 main.f11cf40e.js Show response
resolvewithmeta.com/restrict/static/js/ 398 KB
119 KB 424ms
423ms Script
text/javascript 192.64.117.203
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://resolvewithmeta.com/restrict/static/js/main.f11cf40e.js
Requested by: Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.203 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server304-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: bf5c20408fd174dfe78aeda6193f5d81ee5ba2f08b6954572dbb0650dde4a33f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://resolvewithmeta.com/restrict/

Response headers

content-encoding: br
accept-ranges: bytes
content-length: 121818
date: Wed, 25 Sep 2024 09:58:07 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/javascript
last-modified: Wed, 18 Sep 2024 23:08:30 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 main.605061a5.css
resolvewithmeta.com/restrict/static/css/ 133 KB
29 KB 175ms
174ms Stylesheet
text/css 192.64.117.203
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://resolvewithmeta.com/restrict/static/css/main.605061a5.css
Requested by: Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.203 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server304-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: afac3e1066e1d17bbcf4c23a583c18b80049e061d2c0ae7a6044ef3fc4ec2c70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://resolvewithmeta.com/restrict/

Response headers

cache-control: public, max-age=604800
content-encoding: br
expires: Wed, 02 Oct 2024 09:58:07 GMT
accept-ranges: bytes
content-length: 29436
date: Wed, 25 Sep 2024 09:58:07 GMT
x-turbo-charged-by: LiteSpeed
content-type: text/css
last-modified: Wed, 18 Sep 2024 23:08:30 GMT
vary: Accept-Encoding
server: LiteSpeed

GET
H2 200 / Show response
ipapi.co/json// 781 B
938 B 346ms
132ms XHR
application/json 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json//

Requested by

Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/static/js/main.f11cf40e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a5bf1f8e20fc53a3f30ed624c81b6e4aa06a06cefe0257af2b05c8d8cdfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://resolvewithmeta.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cf-cache-status: DYNAMIC
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TD3oZQJlAlbQoadaYsehOWBagIeMEHRrfspicTQyzSKmp6eOeZktBr%2B1qh5HnNzF0P3Rdce7g2d325AkVfDP7pFEf%2FkKDtZk02MvRNb%2Bimbsm3EpnXVWMBdGJZT8VNX5PD8qa67E"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
allow: POST, GET, HEAD, OPTIONS, OPTIONS
cf-ray: 8c8a276ec9557cc2-LAX
referrer-policy: same-origin
access-control-allow-origin: https://resolvewithmeta.com
date: Wed, 25 Sep 2024 09:58:08 GMT
content-type: application/json
vary: Host, origin
server: cloudflare
x-frame-options: DENY

GET
H2 200 favicon.ico
resolvewithmeta.com/restrict/ 34 KB
34 KB 150ms
150ms Other
image/x-icon 192.64.117.203
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://resolvewithmeta.com/restrict/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 192.64.117.203 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: server304-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 45f6245d444520d78b4edb628231e1944bb9619eddddc9eb5c0c91d8c982850a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://resolvewithmeta.com/restrict/

Response headers

cache-control: public, max-age=604800
expires: Wed, 02 Oct 2024 09:58:08 GMT
accept-ranges: bytes
content-length: 34494
date: Wed, 25 Sep 2024 09:58:08 GMT
x-turbo-charged-by: LiteSpeed
content-type: image/x-icon
last-modified: Wed, 18 Sep 2024 23:08:08 GMT
server: LiteSpeed

OPTIONS
H/1.1 200
OK shadow
shell.anotherlevel.app/api/activity/ 0
0 980ms
449ms Preflight
text/plain 146.70.81.214
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://shell.anotherlevel.app/api/activity/shadow
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.81.214 Vienna, Austria, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://resolvewithmeta.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Wed, 25 Sep 2024 09:58:09 GMT
Server: nginx/1.22.1
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
access-control-allow-origin: https://resolvewithmeta.com
access-control-max-age: 600
vary: Origin

POST
H/1.1 200
OK shadow Show response
shell.anotherlevel.app/api/activity/ 85 B
311 B 471ms
469ms XHR
application/json 146.70.81.214
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://shell.anotherlevel.app/api/activity/shadow
Requested by: Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/static/js/main.f11cf40e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.81.214 Vienna, Austria, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 5bca00413d504d784b3974bb8d78ec197273152c0e4ce073d51250e69e8ee53c

Request headers

Referer: https://resolvewithmeta.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

access-control-allow-origin: *
Content-Length: 85
Date: Wed, 25 Sep 2024 09:58:09 GMT
Content-Type: application/json
Server: nginx/1.22.1
Connection: keep-alive
access-control-allow-credentials: true

GET
H/1.1 404
Not Found get_started Show response
shell.anotherlevel.app/api/set_status// 22 B
255 B 440ms
439ms XHR
application/json 146.70.81.214
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://shell.anotherlevel.app/api/set_status//get_started
Requested by: Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/static/js/main.f11cf40e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.81.214 Vienna, Austria, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://resolvewithmeta.com/

Response headers

access-control-allow-origin: *
Content-Length: 22
Date: Wed, 25 Sep 2024 09:58:10 GMT
Content-Type: application/json
Server: nginx/1.22.1
Connection: keep-alive
access-control-allow-credentials: true

GET
H2 200 / Show response
ipapi.co/json// 781 B
707 B 127ms
126ms XHR
application/json 2606:4700:20::681a:92c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ipapi.co/json//

Requested by

Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/static/js/main.f11cf40e.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700:20::681a:92c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ed3a5bf1f8e20fc53a3f30ed624c81b6e4aa06a06cefe0257af2b05c8d8cdfc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://resolvewithmeta.com/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-opener-policy: same-origin
cf-cache-status: DYNAMIC
content-encoding: br
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0XErozk21UlknwMtAkfd4RaSUoZZvjlPsVCS7cjsGHgfA82ApkaviKe4cZ5bawe949saL7XlLIKsujElR7umJ31C2%2FmDgh6AJq0YpZPpLNflJXHLHCTvFenz5AmNoJ%2FsWCoQVzLn"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
allow: HEAD, OPTIONS, GET, OPTIONS, POST
cf-ray: 8c8a277f6c867cc2-LAX
referrer-policy: same-origin
access-control-allow-origin: https://resolvewithmeta.com
date: Wed, 25 Sep 2024 09:58:11 GMT
content-type: application/json
vary: Host, origin
server: cloudflare
x-frame-options: DENY

GET
H/1.1 200
OK get_started Show response
shell.anotherlevel.app/api/set_status/66f3deb3a4a83b0f97a22478/ 36 B
262 B 462ms
462ms XHR
application/json 146.70.81.214
M247

General

Check archive.org

Show headers Download Go to

Full URL: https://shell.anotherlevel.app/api/set_status/66f3deb3a4a83b0f97a22478/get_started
Requested by: Host: resolvewithmeta.com
URL: https://resolvewithmeta.com/restrict/static/js/main.f11cf40e.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 146.70.81.214 Vienna, Austria, ASN9009 (M247, RO),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: 3a81f99aaef5363691cb6067c2fe3c2b5eea5da386a7f80fcf7eafdd42e90de1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://resolvewithmeta.com/

Response headers

access-control-allow-origin: *
Content-Length: 36
Date: Wed, 25 Sep 2024 09:58:11 GMT
Content-Type: application/json
Server: nginx/1.22.1
Connection: keep-alive
access-control-allow-credentials: true

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| webpackChunkjqmkchwzlovvgkiu string| __reactRouterVersion

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
405160.seu2.cleverreach.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: afvr%2CN4c04nm841f-5HhT13hjvVppkVwvpED%2Co5h3Fz7MPhO
405160.seu2.cleverreach.com/	1970-01-21 00:07:47	Name: cr_user Value: 1
405160.seu2.cleverreach.com/	1970-01-21 00:07:47	Name: cr_client Value: 405160
405160.seu2.cleverreach.com/	1970-01-21 00:07:47	Name: cr_mailing Value: 15621220

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://shell.anotherlevel.app/api/set_status//get_started Message: Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

405160.seu2.cleverreach.com
ipapi.co
resolvewithmeta.com
shell.anotherlevel.app
146.70.81.214
18.202.181.250
192.64.117.203
2606:4700:20::681a:92c
37ec4665a8102d115ffd1ac20dae94c98b4dac64b0c1a68228aa2a531caeb35d
3a81f99aaef5363691cb6067c2fe3c2b5eea5da386a7f80fcf7eafdd42e90de1
45f6245d444520d78b4edb628231e1944bb9619eddddc9eb5c0c91d8c982850a
5bca00413d504d784b3974bb8d78ec197273152c0e4ce073d51250e69e8ee53c
a80929578d0773a36981a5a1673ced8a148933cf27b3b4fbd790223a09f05302
afac3e1066e1d17bbcf4c23a583c18b80049e061d2c0ae7a6044ef3fc4ec2c70
bf5c20408fd174dfe78aeda6193f5d81ee5ba2f08b6954572dbb0650dde4a33f
ed3a5bf1f8e20fc53a3f30ed624c81b6e4aa06a06cefe0257af2b05c8d8cdfc4

resolvewithmeta.com Open in urlscan Pro 192.64.117.203 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

10 Requests

100 %HTTPS

25 %IPv6

4 Domains

4 Subdomains

3 IPs

3 Countries

185 kBTransfer

568 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

resolvewithmeta.com Open in urlscan Pro
192.64.117.203 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

3
IPs

3
Countries

185 kB
Transfer

568 kB
Size

4
Cookies

10 HTTP transactions
0 data transactions