![](/screenshots/1a4c1697-80d8-4e96-bfe4-b09756d9a2a6.png)
meta-businessappeal.pages.dev
Open in
urlscan Pro
172.66.47.54
Malicious Activity!
Public Scan
Effective URL: https://meta-businessappeal.pages.dev/
Submission: On March 22 via manual from AU — Scanned from AU
Summary
TLS certificate: Issued by GTS CA 1P5 on March 21st 2024. Valid for: 3 months.
This is the only time meta-businessappeal.pages.dev was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Facebook (Social Network)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 2 | 13.210.3.213 13.210.3.213 | 16509 (AMAZON-02) (AMAZON-02) | |
13 | 172.66.47.54 172.66.47.54 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 142.250.204.3 142.250.204.3 | 15169 (GOOGLE) (GOOGLE) | |
4 | 142.251.221.67 142.251.221.67 | 15169 (GOOGLE) (GOOGLE) | |
19 | 3 |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-210-3-213.ap-southeast-2.compute.amazonaws.com
efficiency-customer-7314.my.salesforce-sites.com | |
efficiency-customerszone.my.salesforce-sites.com |
ASN15169 (GOOGLE, US)
PTR: syd09s31-in-f3.1e100.net
fonts.gstatic.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
13 |
pages.dev
meta-businessappeal.pages.dev |
811 KB |
6 |
gstatic.com
www.gstatic.com fonts.gstatic.com |
2 MB |
2 |
salesforce-sites.com
2 redirects
efficiency-customer-7314.my.salesforce-sites.com efficiency-customerszone.my.salesforce-sites.com |
2 KB |
19 | 3 |
Domain | Requested by | |
---|---|---|
13 | meta-businessappeal.pages.dev |
meta-businessappeal.pages.dev
|
4 | fonts.gstatic.com |
meta-businessappeal.pages.dev
|
2 | www.gstatic.com |
meta-businessappeal.pages.dev
www.gstatic.com |
1 | efficiency-customerszone.my.salesforce-sites.com | 1 redirects |
1 | efficiency-customer-7314.my.salesforce-sites.com | 1 redirects |
19 | 5 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
meta-businessappeal.pages.dev GTS CA 1P5 |
2024-03-21 - 2024-06-19 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-02-26 - 2024-05-20 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://meta-businessappeal.pages.dev/
Frame ID: 6502BE252857B1F268A1BA328F460B3C
Requests: 19 HTTP requests in this frame
Screenshot
![](/screenshots/1a4c1697-80d8-4e96-bfe4-b09756d9a2a6.png)
Page Title
Meta For BusinessPage URL History Show full URLs
-
https://efficiency-customer-7314.my.salesforce-sites.com/meta
HTTP 301
https://efficiency-customerszone.my.salesforce-sites.com/meta HTTP 301
https://meta-businessappeal.pages.dev/ Page URL
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://efficiency-customer-7314.my.salesforce-sites.com/meta
HTTP 301
https://efficiency-customerszone.my.salesforce-sites.com/meta HTTP 301
https://meta-businessappeal.pages.dev/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
19 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
meta-businessappeal.pages.dev/ Redirect Chain
|
2 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flutter.js
meta-businessappeal.pages.dev/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.dart.js
meta-businessappeal.pages.dev/ |
2 MB 607 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
canvaskit.js
www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/ |
92 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
FontManifest.json
meta-businessappeal.pages.dev/assets/ |
208 B 405 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
MaterialIcons-Regular.otf
meta-businessappeal.pages.dev/assets/fonts/ |
8 KB 5 KB |
Fetch
font/otf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CupertinoIcons.ttf
meta-businessappeal.pages.dev/assets/packages/cupertino_icons/assets/ |
1 KB 1 KB |
Fetch
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
KFOmCnqEu92Fr1Me5WZLCzYlKw.ttf
fonts.gstatic.com/s/roboto/v20/ |
167 KB 90 KB |
Fetch
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
canvaskit.wasm
www.gstatic.com/flutter-canvaskit/b20183e04096094bcc37d9cde2a4b96f5cc684cf/chromium/ |
5 MB 1 MB |
Fetch
application/wasm |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toastify.css
meta-businessappeal.pages.dev/assets/packages/fluttertoast/assets/ |
1 KB 1013 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
toastify.js
meta-businessappeal.pages.dev/assets/packages/fluttertoast/assets/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AssetManifest.json
meta-businessappeal.pages.dev/assets/ |
533 B 511 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AssetManifest.bin
meta-businessappeal.pages.dev/assets/ |
597 B 943 B |
Fetch
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bdeed3215d96c48ad8dd5237a1e60317ec6880c4fbec433cd7e0043804c932ef.ttf
fonts.gstatic.com/s/a/ |
35 KB 20 KB |
XHR
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5ced1045820caaac87af3f61ded09bacc90881f158d04c59dcce436fd02ad368.ttf
fonts.gstatic.com/s/a/ |
33 KB 21 KB |
XHR
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6461c35055a5c0f37ff2a046002ca747fc2120e9070ad00e352de94a94c642f5.ttf
fonts.gstatic.com/s/a/ |
123 KB 57 KB |
XHR
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img.jpg
meta-businessappeal.pages.dev/assets/assets/ |
93 KB 93 KB |
Fetch
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
meta.png
meta-businessappeal.pages.dev/assets/assets/ |
91 KB 92 KB |
Fetch
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
captcha.png
meta-businessappeal.pages.dev/assets/assets/ |
2 KB 2 KB |
Fetch
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Facebook (Social Network)4 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| _flutter function| CanvasKitInit object| flutterCanvasKit function| Toastify8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
efficiency-customer-7314.my.salesforce-sites.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
efficiency-customer-7314.my.salesforce-sites.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
efficiency-customer-7314.my.salesforce-sites.com/ | Name: BrowserId Value: Tj9oGOgGEe6QvdNxIaonCQ |
|
efficiency-customer-7314.my.salesforce-sites.com/ | Name: BrowserId_sec Value: Tj9oGOgGEe6QvdNxIaonCQ |
|
efficiency-customerszone.my.salesforce-sites.com/ | Name: CookieConsentPolicy Value: 0:1 |
|
efficiency-customerszone.my.salesforce-sites.com/ | Name: LSKey-c$CookieConsentPolicy Value: 0:1 |
|
efficiency-customerszone.my.salesforce-sites.com/ | Name: BrowserId Value: TtQG4ugGEe6TNfWRqhAD4w |
|
efficiency-customerszone.my.salesforce-sites.com/ | Name: BrowserId_sec Value: TtQG4ugGEe6TNfWRqhAD4w |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
efficiency-customer-7314.my.salesforce-sites.com
efficiency-customerszone.my.salesforce-sites.com
fonts.gstatic.com
meta-businessappeal.pages.dev
www.gstatic.com
13.210.3.213
142.250.204.3
142.251.221.67
172.66.47.54
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed
091c9a70994a2004ee02b04f111d40abe40c07b066856399f58c587042ec2990
116c2fb5f8cf53ca7ec7a2abf1d9fec115613c6eb2db3db3cd9fa120a7057122
30b2d25fa5b79fbe1679f2cf489a6d0b53a8ff004966b06949060dd1761c1abf
348b5977322716d93c106aafdeedfed62b1cb5f3243b05bf31e5b739d1698fd3
5ced1045820caaac87af3f61ded09bacc90881f158d04c59dcce436fd02ad368
6461c35055a5c0f37ff2a046002ca747fc2120e9070ad00e352de94a94c642f5
69baf44fea5b3efd3377babc154ef1b83bf8263b910202a8c7d6e745d751349f
84ba5c39b38b4ee9e4612c9208165b2dc6babca41339ccfa3de9ca3db371206e
8936e5e47c3abb92c5e362b29d7c2886b2cea87eeba9c3bf5f58003518ad4573
90111feab3058221a651563e55ad51d5a3c12ffc903e5096ccd0321928974718
99c17b96de568740e7a2b67172d4587475ea03ddd60eb491f99317f052ad2b80
afa2651805fcba1fdcb1ddc8e9b63e44dea2bc3e3622f6fcc551fb9409ab51de
b706f51b33636a563d519b041919b521c54b58c62f12364a0c3f3cfcb92fd5a3
b920d79f9c5eb273a28bd5aa3d55569d6476fe373cedc6b7b564c365bacd580f
bafe71aed5ee6a8a10e8cc5837885ad52282b579bfa6866ae752ecee11096531
bdeed3215d96c48ad8dd5237a1e60317ec6880c4fbec433cd7e0043804c932ef
cd7e03645bc44b2dd47b7cb626f51c4ecbf55a197ab77241628b47ac165fbe21
edccf79fc3831108798350c2ee86c5c0881dd022cca3ed7ec95ea6ebc5692709