Report - warning-user-disabled.web.app/

Report Overview

Visited public
2023-09-26 11:38:30
Tags
meta facebook phishing social
URL
warning-user-disabled.web.app/
Finishing URL
warning-user-disabled.web.app/
IP / ASN
199.36.158.100
#54113 FASTLY
Title
Meta For Business
Phishing - Facebook

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
warning-user-disabled.web.app	unknown	2019-01-08	2023-09-26 02:09:12	2023-09-26 02:09:12	5.7 kB	371 kB	199.36.158.100
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-25 18:12:03	350 B	711 B	142.250.74.131
get.geojs.io	17418	2017-02-18	2017-03-30 20:44:25	2023-09-26 08:43:46	492 B	1.2 kB	104.26.0.100

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-26 11:38:14	medium	Client IP	Internal IP	ET INFO External IP Address Lookup Domain (get .geojs .io) in DNS Lookup
2023-09-26 11:38:14	medium	Client IP	Internal IP	ET INFO External IP Address Lookup Domain (get .geojs .io) in DNS Lookup
2023-09-26 11:38:14	medium	Client IP	104.26.0.100	ET INFO External IP Address Lookup Domain (get .geojs .io) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.
2023-09-25	medium	warning-user-disabled.web.app/	Facebook, Inc.

PhishTank

Scan Date	Severity	Indicator	Alert
2023-09-25	medium	warning-user-disabled.web.app/	Other
2023-09-25	medium	warning-user-disabled.web.app/scripts.d47fdc26107e01f2.js	Other
2023-09-25	medium	warning-user-disabled.web.app/runtime.458052addb514b0e.js	Other
2023-09-25	medium	warning-user-disabled.web.app/polyfills.e26111d8cb175e34.js	Other
2023-09-25	medium	warning-user-disabled.web.app/styles.4d53fa294ad728b8.css	Other
2023-09-25	medium	warning-user-disabled.web.app/main.8250012d84073bed.js	Other
2023-09-25	medium	warning-user-disabled.web.app/assets/images/fbv2.jpg	Other
2023-09-25	medium	warning-user-disabled.web.app/assets/images/metav2.svg	Other
2023-09-25	medium	warning-user-disabled.web.app/assets/images/mail.png	Other
2023-09-25	medium	warning-user-disabled.web.app/assets/images/avatar.png	Other
2023-09-25	medium	warning-user-disabled.web.app/assets/images/bg.jpg	Other
2023-09-25	medium	warning-user-disabled.web.app/favicon.ico	Other

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	From	Size	First Seen	Last Seen
	warning-user-disabled.web.app/runtime.458052addb514b0e.js	ScriptElement	929 B	2023-07-01	2024-12-06
Pretty URL warning-user-disabled.web.app/runtime.458052addb514b0e.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-01 12:55 Last Seen2024-12-06 10:16 Times Seen109 Hash a1f89d4627633cb53d875df273e65a2a 0757ecb4c893f2468c799286853bd1b1d3feeee1 514651024b3ee42f52719fbd2f91da9dfa920d9dd72c63795d41987d7a9a61dd Loading...

	warning-user-disabled.web.app/polyfills.e26111d8cb175e34.js	ScriptElement	34 kB	2023-08-11	2024-12-06
Pretty URL warning-user-disabled.web.app/polyfills.e26111d8cb175e34.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 07:47 Last Seen2024-12-06 10:16 Times Seen104 Hash 18c47078c97fdd46790abcb8bdc594dd fc77fbd21326f08e09c87cd170b703945bfef127 956d35c5bec6112f3816aa7bc6d53fcefb68d8972168347dd37b5c1bf69e8ff0 Loading...

	warning-user-disabled.web.app/scripts.d47fdc26107e01f2.js	ScriptElement	147 kB	2023-08-11	2024-12-06
Pretty URL warning-user-disabled.web.app/scripts.d47fdc26107e01f2.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-11 07:47 Last Seen2024-12-06 10:16 Times Seen104 Hash 5e7429550d2dc78f876e578fdd475120 f55fbf853c72b42b42ea33afbeea0ce238f2d6e2 f6b38cdde3ce1d2c03087042af8867eb12ff0fe242974767b089304afbd6a085 Loading...

	unknown	EventHandler	16 B	2023-04-10	2025-05-09
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 15:57 Last Seen2025-05-09 11:27 Times Seen56570 Hash 7c3c3ddeb80438dcbb3d081d2d00e152 5a4016732ee72ec77b4f6ab17047bcea6d2ea34d 321b4f657afbf8ba49518e6ab4cbad07ea967d0b4c68f71c7deed05ed09c1187 Loading...

	warning-user-disabled.web.app/main.8250012d84073bed.js	ScriptElement	353 kB	2023-09-25	2023-09-26
Pretty URL warning-user-disabled.web.app/main.8250012d84073bed.js IP 199.36.158.100 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-25 06:59 Last Seen2023-09-26 13:39 Times Seen6 Hash c88edfa0041e8bb6c479f932349564bc 42a0d21751f6fd9abeccc948b7b847c8097e7888 a49bd8e355e21dd49bc36906a1b3799f08cf99d1f86a9844d56ed0febde1ce44 Loading...

HTTP Transactions (14)

URL IP Response Size

warning-user-disabled.web.app/

199.36.158.100

200 OK

1.7 kB

URL User Request GET HTTP/2
warning-user-disabled.web.app/
IP
199.36.158.100:443
ASN
#54113 FASTLY

Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4819), with CRLF, LF line terminators
Size
1.7 kB (1727 bytes)
Hash
40baea651efddb5e0e76ffcc56ca19ae
d8ed3f948f47a3d4162c6ad7be5eb525f2350ca0
1c28f860c54023ed0239a0fd4383b7ae7844eff446ac7295f2785fe4d0d856e4

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET / HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
cache-control: max-age=3600
content-encoding: br
content-type: text/html; charset=utf-8
etag: "8f06f9f1677a9f046d2d259b95d0b995e5d4022fb00724122831600c9f7b252d-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:13 GMT
x-served-by: cache-bma1631-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728293.068317,VS0,VE53
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1727
X-Firefox-Spdy: h2

ocsp.pki.goog/s/gts1d4int/jQWwUygpljQ

142.250.74.131

471 B

URL
ocsp.pki.goog/s/gts1d4int/jQWwUygpljQ
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
6fa58fa063fc0405beb2915c8528ddba
a53043de0877d6b29d752e86422e0a5952e129a0
72264dd7871bee98e4452fbc345234ab14804efc672f27a4460d883dec499b21

HTTP Headers

POST /s/gts1d4int/jQWwUygpljQ HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 26 Sep 2023 11:38:13 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

warning-user-disabled.web.app/scripts.d47fdc26107e01f2.js

199.36.158.100

200 OK

43 kB

URL GET HTTP/3
warning-user-disabled.web.app/scripts.d47fdc26107e01f2.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
43 kB (42807 bytes)
Hash
5e7429550d2dc78f876e578fdd475120
f55fbf853c72b42b42ea33afbeea0ce238f2d6e2
f6b38cdde3ce1d2c03087042af8867eb12ff0fe242974767b089304afbd6a085

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /scripts.d47fdc26107e01f2.js HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 42807
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "86f220e1f38820501549a667fd14575fde74d8b483732cca0af1744d84ab275e-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:13 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.779512,VS0,VE85
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/runtime.458052addb514b0e.js

199.36.158.100

200 OK

524 B

URL GET HTTP/3
warning-user-disabled.web.app/runtime.458052addb514b0e.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
ASCII text, with very long lines (929), with no line terminators
Size
524 B (524 bytes)
Hash
a1f89d4627633cb53d875df273e65a2a
0757ecb4c893f2468c799286853bd1b1d3feeee1
514651024b3ee42f52719fbd2f91da9dfa920d9dd72c63795d41987d7a9a61dd

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /runtime.458052addb514b0e.js HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 524
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "76ef77f23478ccbf8a65785c50b3f1bd662e0931ec2796c0f56b15f5fa4bd134-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:13 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.777917,VS0,VE132
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/polyfills.e26111d8cb175e34.js

199.36.158.100

200 OK

11 kB

URL GET HTTP/3
warning-user-disabled.web.app/polyfills.e26111d8cb175e34.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
ASCII text, with very long lines (33825), with no line terminators
Size
11 kB (10886 bytes)
Hash
18c47078c97fdd46790abcb8bdc594dd
fc77fbd21326f08e09c87cd170b703945bfef127
956d35c5bec6112f3816aa7bc6d53fcefb68d8972168347dd37b5c1bf69e8ff0

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /polyfills.e26111d8cb175e34.js HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 10886
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "fb31046df0f5d649edb32f21775fb20a82133a779721eb1b3a209b4d7b07ce9d-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:13 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.778448,VS0,VE134
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/styles.4d53fa294ad728b8.css

199.36.158.100

200 OK

22 kB

URL GET HTTP/3
warning-user-disabled.web.app/styles.4d53fa294ad728b8.css
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
ASCII text, with very long lines (65348)
Size
22 kB (22371 bytes)
Hash
d52b64e2c1e7e4317bd55048f4118720
fb917958135d04a9c429a65c904b3d069d8f3bd3
705b25adcd4d9acbb422763e5463daa5d88ef46137e1196fefbfa194d4a96b2b

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /styles.4d53fa294ad728b8.css HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 22371
cache-control: max-age=3600
content-encoding: br
content-type: text/css; charset=utf-8
etag: "d6b360201b2cf8f8f5ae3ce80f7142c700231f7cb442895eb1c1f453634adba0-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:13 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.785079,VS0,VE148
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/main.8250012d84073bed.js

199.36.158.100

200 OK

98 kB

URL GET HTTP/3
warning-user-disabled.web.app/main.8250012d84073bed.js
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
98 kB (97935 bytes)
Hash
c88edfa0041e8bb6c479f932349564bc
42a0d21751f6fd9abeccc948b7b847c8097e7888
a49bd8e355e21dd49bc36906a1b3799f08cf99d1f86a9844d56ed0febde1ce44

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /main.8250012d84073bed.js HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 97935
cache-control: max-age=3600
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: "856e4bec9617be71e870956f37dcd42467c1aa60a35dc1ad034bc9bd413bc107-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:13 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.783877,VS0,VE202
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/assets/images/fbv2.jpg

199.36.158.100

200 OK

2.6 kB

URL GET HTTP/3
warning-user-disabled.web.app/assets/images/fbv2.jpg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPCM), density 236x236, segment length 16, progressive, precision 8, 236x236, components 3\012- data
Size
2.6 kB (2598 bytes)
Hash
e165af495d51ef5b46cad3d602a2a5f8
e3d73bf45f360750678f666b4fa51553aad7090d
171f1b3ac7b11ef605b96f91537ed2cc32ab21d7233733114a923d21d552b021

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /assets/images/fbv2.jpg HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 2598
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "67d395abf7e22d73484f5ce7e074dbcffe57cb4e0106c282080f3869571c7489-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:14 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.171438,VS0,VE139
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/assets/images/metav2.svg

199.36.158.100

200 OK

1.5 kB

URL GET HTTP/3
warning-user-disabled.web.app/assets/images/metav2.svg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1065), with CRLF line terminators
Size
1.5 kB (1513 bytes)
Hash
9b335949f31c71ece0fd3d452d9db168
4b3df4457435d62846f471d1f5be3e873b01e82f
3957151c7a511ea40978ce0d6244d7d20335eb91be7acfb2256f1d0397b293bf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /assets/images/metav2.svg HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 1513
cache-control: max-age=3600
content-encoding: br
content-type: image/svg+xml
etag: "a8677fe3c157f66f3d6775e5e224bd42430dd445c6d9a39423cfc4c2669355d7-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:14 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.171483,VS0,VE140
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/assets/images/mail.png

199.36.158.100

200 OK

35 kB

URL GET HTTP/3
warning-user-disabled.web.app/assets/images/mail.png
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
PNG image data, 980 x 980, 8-bit/color RGBA, non-interlaced\012- data
Size
35 kB (34701 bytes)
Hash
fcc1a02c43f8b747800efad74e216e10
04f58768630dbec54244fb92f763f498a5847300
959efe16cdf285e6e9152f5eda5494c2dfc5bc23ce250380f6ee7a9b511e97d1

Detections

Analyzer	Verdict	Alert
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /assets/images/mail.png HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 34701
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "05818032630223eef23d3a21f51ede5294f9932f9e1620771bce713bd60d2ab8"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:14 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.171455,VS0,VE176
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/assets/images/avatar.png

199.36.158.100

200 OK

57 kB

URL GET HTTP/3
warning-user-disabled.web.app/assets/images/avatar.png
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
PNG image data, 662 x 664, 8-bit/color RGBA, non-interlaced\012- data
Size
57 kB (57170 bytes)
Hash
02fb04256d936e0d83a6340a1d1f3af4
b8bfe3b59f0dc0d7841d17f4352ac2ce0feb2238
0734468737b7eaf71a997b518a6b70a4ec17d136f41bf3bb562429bbea1de8cb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /assets/images/avatar.png HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 57170
cache-control: max-age=3600
content-encoding: gzip
content-type: image/png
etag: "0abff7c492d5592d85ce2d6bafe5a86ffcbd23e430576049555a99773d24d4c0"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:14 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.171410,VS0,VE183
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/assets/images/bg.jpg

199.36.158.100

200 OK

76 kB

URL GET HTTP/3
warning-user-disabled.web.app/assets/images/bg.jpg
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
JPEG image data, baseline, precision 8, 1920x175, components 3\012- data
Size
76 kB (76203 bytes)
Hash
49a366b72644f04ea8efccf9550fb0a5
54492aa337fc8ee34297a04fd789d202fba78d58
289d99b21fae145c868238c0c499dcf8e84bea445b63e47e3406acfe98e20a34

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /assets/images/bg.jpg HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 76203
cache-control: max-age=3600
content-encoding: br
content-type: image/jpeg
etag: "7f1f63f4fcd132f1b4eaa76b9572f90894bb86906ab87a9b26ab162eed168b15-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:14 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.199682,VS0,VE176
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

warning-user-disabled.web.app/favicon.ico

199.36.158.100

200 OK

15 kB

URL GET HTTP/3
warning-user-disabled.web.app/favicon.ico
IP
199.36.158.100:443
ASN
#54113 FASTLY

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerGoogle Trust Services LLC
Subjectweb.app
Fingerprint10:A7:AE:98:C9:44:F3:06:82:AB:75:C5:C5:A6:80:ED:65:ED:60:A8
ValidityMon, 11 Sep 2023 19:25:25 GMT - Sun, 10 Dec 2023 19:25:24 GMT

File type
MS Windows icon resource - 6 icons, 256x256 with PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced, 32 bits/pixel, -128x-128, 32 bits/pixel\012- data
Size
15 kB (15277 bytes)
Hash
d651c1d04dff0a7bfd8dbd30102780de
111f776ec0200627ac99f088af0edd163c435914
05f09d3d9a4ef961bcf72ee012b6739bd823e04e894f5f4c04218237b56d7189

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Facebook
OpenPhish	phishing	Facebook, Inc.
PhishTank	phishing	Other

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: warning-user-disabled.web.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 15277
cache-control: max-age=3600
content-encoding: br
content-type: image/x-icon
etag: "cb92d0a0461c2b8b9c8b3069b9369dae6089c331b6dbc04e6080a309fd7863ee-br"
last-modified: Sat, 23 Sep 2023 03:43:37 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
accept-ranges: bytes
date: Tue, 26 Sep 2023 11:38:14 GMT
x-served-by: cache-bma1649-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1695728294.400702,VS0,VE55
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

get.geojs.io/v1/ip/geo.json

104.26.0.100

200 OK

335 B

URL GET HTTP/2
get.geojs.io/v1/ip/geo.json
IP
104.26.0.100:443
ASN
#13335 CLOUDFLARENET

Requested by
https://warning-user-disabled.web.app/
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintEB:CA:6A:D8:FF:32:A1:B5:BE:F9:8E:E2:0F:EE:72:9C:7C:EF:7E:C3
ValidityTue, 11 Apr 2023 00:00:00 GMT - Wed, 10 Apr 2024 23:59:59 GMT

File type
troff or preprocessor input, ASCII text, with very long lines (393), with no line terminators
Size
335 B (335 bytes)
Hash
5e0912ac085491670f30687914352893
16edd49964a5e91e01e662beb10fe388a9b7ab60
aaacf880f054aa8aea935059706bf7f99b7aee8c8fd0f96723a77da6fe1e7080

HTTP Headers

GET /v1/ip/geo.json HTTP/1.1
Host: get.geojs.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://warning-user-disabled.web.app
DNT: 1
Connection: keep-alive
Referer: https://warning-user-disabled.web.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 26 Sep 2023 11:38:14 GMT
content-type: application/json
x-request-id: 74b62c08d043182e7ad8ade9ecd218a2-AMS
strict-transport-security: max-age=15552000; includeSubDomains; preload
access-control-allow-origin: *
access-control-allow-methods: GET
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, private, max-age=0
x-geojs-location: AMS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vdICleJCsE1d2TvVeJC%2BRKHQ%2FGD0Vbi1YtgvU9eSjD%2BaLmDZhsRXtz%2FcrmtfNPO5D85ifb1gQVU9JNpJgnBTbldhKsjveYzCSsDL5W4CB%2B3lNawjZzmCrAkHDAvwHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-content-type-options: nosniff
server: cloudflare
cf-ray: 80cb382eaca8568a-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (14)

URL User Request GET HTTP/2

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL GET HTTP/3

IP

ASN

Requested by

Certificate

File type

Size

Hash