meta.com-case81824.com Open in urlscan Pro
2a06:98c1:3121::9 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://meta.com-case81824.com/help/contact/371477532586933
Submission: On November 20 via automatic, source openphish (November 20th 2024, 1:27:00 pm UTC) — Scanned from NL

Summary HTTP 11 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 11 HTTP transactions. The main IP is 2a06:98c1:3121::9, located in United States and belongs to CLOUDFLARENET, US. The main domain is meta.com-case81824.com.
TLS certificate: Issued by WE1 on November 19th 2024. Valid for: 3 months.

This is the only time meta.com-case81824.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Facebook (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
1	2a06:98c1:312... 2a06:98c1:3121::9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
4	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.12.205 104.26.12.205	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	5

1 2a06:98c1:3121::9 (United States)

ASN13335 (CLOUDFLARENET, US)

meta.com-case81824.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

meta.com-case81824.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.12.205 (None, )

ASN13335 (CLOUDFLARENET, US)

api.ipify.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

freeipapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	com-case81824.com meta.com-case81824.com	125 KB
4	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 318	115 KB
1	freeipapi.com freeipapi.com — Cisco Umbrella Rank: 80673	953 B
1	ipify.org api.ipify.org — Cisco Umbrella Rank: 2001	296 B
11	4

	Domain	Requested by
5	meta.com-case81824.com	meta.com-case81824.com
4	cdn.jsdelivr.net	meta.com-case81824.com
1	freeipapi.com	meta.com-case81824.com
1	api.ipify.org	meta.com-case81824.com
11	4

This site contains no links.

Subject Issuer	Validity	Valid
com-case81824.com WE1	`2024-11-19` - `2025-02-17`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2024 Q3	`2024-07-30` - `2025-08-31`	a year	crt.sh
ipify.org WE1	`2024-11-13` - `2025-02-11`	3 months	crt.sh
freeipapi.com Cloudflare Inc ECC CA-3	`2024-01-21` - `2024-12-31`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://meta.com-case81824.com/help/contact/371477532586933
Frame ID: C48F9C59C11EE9A323F6E8805B845D50
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Business Help Center | Privacy Policy

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

11
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

241 kB
Transfer

853 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

11 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request 371477532586933 Show response
meta.com-case81824.com/help/contact/ 1 KB
1 KB 643ms
573ms Document
text/html 2a06:98c1:3121::9
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.com-case81824.com/help/contact/371477532586933
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16ec511cfe42f56bffda06bc613057642645450d27a02baf2347a14461d02afb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e58c6312e2b0baa-AMS
content-encoding: zstd
content-type: text/html
date: Wed, 20 Nov 2024 13:26:52 GMT
last-modified: Thu, 10 Oct 2024 12:29:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B5ie9oRd4xahOc1kJe6OVLYV4dcoyEjrzVY%2FPoTx5mzPrfa41ncwXERE2%2F9rAyqWxmZAsaQ1ib6Hm922cJgG37fZzQsOoms0ERospxPj0GRyBP2in3fZTkYVhqC0y31DcRrtGCBMBjEZbrt05VIW0Jh9k2XW"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=17097&sent=8&recv=11&lost=0&retrans=0&sent_bytes=3907&recv_bytes=2315&delivery_rate=230223&cwnd=251&unsent_bytes=0&cid=b256dd607a69c476&ts=588&x=0"

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/ 227 KB
27 KB 255ms
3ms Stylesheet
text/css 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.3.0/dist/css/bootstrap.min.css

Requested by

Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/help/contact/371477532586933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://meta.com-case81824.com
Referer: https://meta.com-case81824.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"38dd2-sjFlHg/Wi72HWBifvTZCxGLTT6Y"
age: 2517561
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: text/css; charset=utf-8
x-served-by: cache-fra-eddf8230088-FRA, cache-mad22034-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 27424
x-jsd-version: 5.3.0

GET
H3 200 index-148a98fb.js Show response
meta.com-case81824.com/assets/ 274 KB
94 KB 47ms
47ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.com-case81824.com/assets/index-148a98fb.js
Requested by: Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/help/contact/371477532586933
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143c9e315c967196d3356ec4de89f0d2037af6806f64bb94173bbdddf77ce274

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://meta.com-case81824.com
Referer: https://meta.com-case81824.com/help/contact/371477532586933

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"44777-6241e867487d3"
age: 3519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5M5ponj2gQLWzKDDVSGoFgAdVU7cqn6MOTk9KN2OP7z6Be2l7WXl9P%2FDUiMQ0CGp9iyOJJPq%2BmtS2OnfEejY94IrKF55IZsJgoguWbtfIoiD8muHrhqBpuiPWPuFNwy7eeepxWoBb%2Fud"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e58c6351d07b8f4-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20409&sent=16&recv=12&lost=0&retrans=0&sent_bytes=7195&recv_bytes=4840&delivery_rate=494&cwnd=12000&unsent_bytes=0&cid=e81837bdb935e0a7&ts=697&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 13:26:52 GMT
content-type: application/javascript
last-modified: Thu, 10 Oct 2024 12:29:43 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 index-d076d531.css
meta.com-case81824.com/assets/ 10 KB
3 KB 47ms
46ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.com-case81824.com/assets/index-d076d531.css
Requested by: Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/help/contact/371477532586933
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d076d531cc08f01d753f7cda70ed0e97907546f161cbf470b72ef2fea31c1f0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://meta.com-case81824.com/help/contact/371477532586933

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"279b-61a1081569d00"
age: 3520
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jy131Su0Qqd3m2h3PHLr0VRA1J7CQyfLWjhQ24ak5bMZTPBw7Cs4zU7O2lHVLqQCetoWICko%2FkyrhqntHN750CQ8i4EJT%2FOVG071vmjudHOyg0W%2FLJsBuQ%2FZtFFpVe%2FXTqVHe%2BuyuxIC"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e58c6351d08b8f4-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=20409&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4216&recv_bytes=4840&delivery_rate=494&cwnd=12000&unsent_bytes=0&cid=e81837bdb935e0a7&ts=694&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 13:26:52 GMT
content-type: text/css
last-modified: Tue, 04 Jun 2024 13:34:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 react.production.min.js Show response
cdn.jsdelivr.net/npm/react/umd/ 10 KB
4 KB 327ms
76ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react/umd/react.production.min.js

Requested by

Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/help/contact/371477532586933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d949f1c3687aedadcedac85261865f29b17cd273997e7f6b2bfc53b2f9d4c4dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://meta.com-case81824.com
Referer: https://meta.com-case81824.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"29ff-qneuTEn1Jbwh3h0E8Ipdc5YsfM4"
age: 13482
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230081-FRA, cache-mad22034-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 4467
x-jsd-version: 18.3.1

GET
H2 200 react-dom.production.min.js Show response
cdn.jsdelivr.net/npm/react-dom/umd/ 129 KB
44 KB 328ms
76ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-dom/umd/react-dom.production.min.js

Requested by

Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/help/contact/371477532586933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

35f4f974f4b2bcd44da73963347f8952e341f83909e4498227d4e26b98f66f0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://meta.com-case81824.com
Referer: https://meta.com-case81824.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"202fb-/rjdydBWak+glxpuEThlhhjNrP4"
age: 3891
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230141-FRA, cache-mad22034-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 44549
x-jsd-version: 18.3.1

GET
H2 200 react-bootstrap.min.js Show response
cdn.jsdelivr.net/npm/react-bootstrap@next/dist/ 116 KB
40 KB 285ms
33ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/react-bootstrap@next/dist/react-bootstrap.min.js

Requested by

Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/help/contact/371477532586933

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://meta.com-case81824.com
Referer: https://meta.com-case81824.com/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"1d187-o2+OYezMEsMzpEcT3E+ubsFUj8Q"
age: 7563
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230077-FRA, cache-mad22034-MAD
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 40369
x-jsd-version: 2.9.0-beta.1

GET
H3 200 banner-b1482d4c.webp
meta.com-case81824.com/assets/ 19 KB
20 KB 47ms
45ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://meta.com-case81824.com/assets/banner-b1482d4c.webp
Requested by: Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/assets/index-d076d531.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1482d4c704e1c61cdeb07b3fa9f32da4ab26930733bb54d1f123ff2ded13bb4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://meta.com-case81824.com/assets/index-d076d531.css

Response headers

cf-cache-status: HIT
etag: "4bf8-61a1081569d00"
age: 3519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xGBNnuoFQTSn7uKCK3TIj54TAn%2BTDpDt2RTOVRUvNX0f8Z7TfhT%2BXpXh4o6Bdq0%2Fc%2F3iaZ%2BJRBSviniCbqj%2Fulyvm6ol52AC6DJUfx9WMtqOtU6deZ5dH%2FLRMNCXNq%2BbPoNbbzPowxpU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=56659&sent=102&recv=40&lost=0&retrans=0&sent_bytes=106170&recv_bytes=6391&delivery_rate=142104&cwnd=50400&unsent_bytes=0&cid=e81837bdb935e0a7&ts=1287&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: image/webp
last-modified: Tue, 04 Jun 2024 13:34:12 GMT
vary: Accept-Encoding
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e58c638c996b8f4-AMS
accept-ranges: bytes
content-length: 19448
server: cloudflare

GET
H2 200 / Show response
api.ipify.org/ 22 B
296 B 264ms
109ms Fetch
application/json 104.26.12.205
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ipify.org/?format=json
Requested by: Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/assets/index-148a98fb.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.12.205 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4d7c9d804f8b2f84596619f31c16044b85aea4a314526cdf3f7d1fa9213a191

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://meta.com-case81824.com/

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8e58c63a09220b43-AMS
access-control-allow-origin: *
server-timing: cfL4;desc="?proto=TCP&rtt=34660&sent=8&recv=11&lost=0&retrans=0&sent_bytes=4023&recv_bytes=2307&delivery_rate=85584&cwnd=252&unsent_bytes=0&cid=4cc891293d9f792e&ts=175&x=0"
content-length: 22
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: application/json
vary: Origin
server: cloudflare

GET
H3 200 facebook_logo_icon_147291-f2dfc6fd.ico
meta.com-case81824.com/assets/ 66 KB
7 KB 52ms
52ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://meta.com-case81824.com/assets/facebook_logo_icon_147291-f2dfc6fd.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2dfc6fd9ed43d5c82d0f40627d75a70c26dbfa9b6aa1c450fbd75e5f0ad2cfd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://meta.com-case81824.com/help/contact/371477532586933

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"1083e-61a1081569d00"
age: 3519
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eHzeKPM7omjVi72RM1dX365fdJ0oGLKES%2FVPSC4vv37EN5jBuPo7ogWbxKJ2NBVSTVfLJSuZ8qWiu4G6b0tmjL8gRZ9iHBOCJ5tTf6717uuR6JAaxGSkoFkCgLkK4kDyKcyGLK4J7Xxi"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e58c639aac8b8f4-AMS
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=40451&sent=121&recv=45&lost=0&retrans=0&sent_bytes=126736&recv_bytes=6965&delivery_rate=605973&cwnd=50400&unsent_bytes=0&cid=e81837bdb935e0a7&ts=1427&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 13:26:53 GMT
content-type: image/x-icon
last-modified: Tue, 04 Jun 2024 13:34:12 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 212.7.210.178 Show response
freeipapi.com/api/json/ 403 B
953 B 269ms
54ms Fetch
application/json 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://freeipapi.com/api/json/212.7.210.178
Requested by: Host: meta.com-case81824.com
URL: https://meta.com-case81824.com/assets/index-148a98fb.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.3.11
Resource Hash: 708b7b1360b4f8c4be54867048e979c4e3230f8e5fc10e3c6826cfaf379d9b11

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://meta.com-case81824.com/

Response headers

cache-control: no-cache, private
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SVp9dgwFApuzXXUYZszSLVtTkNQ6Sma2HQ%2FCbPz8Vlj0n6LYJbfNzPfSH1peMZ0zUT1ZCnUw5xmA0cFoeY%2BwqNnTOb5biE3T0IRjmJs%2BwhPaCUIoc3rYPW8mgKdH2gDx"}],"group":"cf-nel","max_age":604800}
x-ratelimit-remaining: 59
cf-ray: 8e58c63c8d9f1caa-AMS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=23733&sent=12&recv=10&lost=0&retrans=0&sent_bytes=3998&recv_bytes=4433&delivery_rate=19571&cwnd=12000&unsent_bytes=0&cid=eed494312301411f&ts=163&x=1", cfHdrFlush;dur=0
date: Wed, 20 Nov 2024 13:26:54 GMT
x-ratelimit-limit: 60
content-type: application/json
x-powered-by: PHP/8.3.11
server: cloudflare

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Facebook (Social Network)

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| React object| ReactDOM object| ReactBootstrap object| Alert

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.ipify.org
cdn.jsdelivr.net
freeipapi.com
meta.com-case81824.com
104.26.12.205
188.114.96.3
188.114.97.3
2a04:4e42:400::485
2a06:98c1:3121::9
143c9e315c967196d3356ec4de89f0d2037af6806f64bb94173bbdddf77ce274
150523e0558852a799aae470ee18fdb61f89cf260ee6da8efd8687621156ae33
16ec511cfe42f56bffda06bc613057642645450d27a02baf2347a14461d02afb
35f4f974f4b2bcd44da73963347f8952e341f83909e4498227d4e26b98f66f0d
708b7b1360b4f8c4be54867048e979c4e3230f8e5fc10e3c6826cfaf379d9b11
7f1d37f0d90b6385354c2ac10e2bb91563c46bd7a266ed351222ebcac8496c2a
a4d7c9d804f8b2f84596619f31c16044b85aea4a314526cdf3f7d1fa9213a191
b1482d4c704e1c61cdeb07b3fa9f32da4ab26930733bb54d1f123ff2ded13bb4
d076d531cc08f01d753f7cda70ed0e97907546f161cbf470b72ef2fea31c1f0b
d949f1c3687aedadcedac85261865f29b17cd273997e7f6b2bfc53b2f9d4c4dd
f2dfc6fd9ed43d5c82d0f40627d75a70c26dbfa9b6aa1c450fbd75e5f0ad2cfd

meta.com-case81824.com Open in urlscan Pro 2a06:98c1:3121::9 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

11 Requests

100 %HTTPS

40 %IPv6

4 Domains

4 Subdomains

5 IPs

3 Countries

241 kBTransfer

853 kBSize

0 Cookies

0 Outgoing links

Redirected requests

11 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

4 JavaScript Global Variables

0 Cookies

Indicators

meta.com-case81824.com Open in urlscan Pro
2a06:98c1:3121::9 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

11
Requests

100 %
HTTPS

40 %
IPv6

4
Domains

4
Subdomains

5
IPs

3
Countries

241 kB
Transfer

853 kB
Size

0
Cookies

11 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!