Source: http://review-page-violation-issue-meta-center.vercel.app/ |
Avira URL Cloud: detection malicious, Label: phishing |
Source: http://review-page-violation-issue-meta-center.vercel.app/ |
SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering |
Source: https://review-page-violation-issue-meta-center.vercel.app/favicon.ico |
Avira URL Cloud: Label: phishing |
Source: https://review-page-violation-issue-xi.vercel.app/index-user.css |
Avira URL Cloud: Label: phishing |
Source: https://verified-badge.surge.sh/static/media/fbVideo.png.1fd476160a3ed7a2f565.png |
Avira URL Cloud: Label: phishing |
Source: https://review-page-violation-issue-xi.vercel.app |
LLM: Score: 9 brands: Facebook Reasons: The URL 'https://review-page-violation-issue-xi.vercel.app' is highly suspicious as it does not match the legitimate domain name 'facebook.com' associated with the Facebook brand. The page prominently displays a login form requesting sensitive information (c_user and xs), which is a common tactic used in phishing attacks. The page also uses social engineering techniques by claiming there is a 'Page Violation' to create a sense of urgency and trick users into providing their credentials. Additionally, the domain name is hosted on 'vercel.app', which is not associated with Facebook. There is no CAPTCHA present, which is often used on legitimate sites to prevent automated attacks. Based on these factors, it is highly likely that this site is a phishing site. DOM: 1.1.pages.csv |
Source: https://review-page-violation-issue-xi.vercel.app/form.html |
Matcher: Template: facebook matched with high similarity |
Source: https://review-page-violation-issue-meta-center.vercel.app/ |
HTTP Parser: No favicon |
Source: https://cdn.glitch.global/07e008b6-db29-44ab-8f97-cf6860d16bfe/detailed%20video.mp4?v=1719424079780 |
HTTP Parser: No favicon |
Source: unknown |
HTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.7:49711 version: TLS 1.2 |
Source: unknown |
HTTPS traffic detected: 23.211.8.90:443 -> 192.168.2.7:49714 version: TLS 1.2 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 23.211.8.90 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 204.79.197.203 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 104.98.116.138 |
Source: unknown |
TCP traffic detected without corresponding DNS query: 20.50.201.200 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: unknown |
UDP traffic detected without corresponding DNS query: 1.1.1.1 |
Source: global traffic |
HTTP traffic detected: GET / HTTP/1.1Host: review-page-violation-issue-meta-center.vercel.appConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: review-page-violation-issue-meta-center.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://review-page-violation-issue-meta-center.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /form.html HTTP/1.1Host: review-page-violation-issue-xi.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: documentReferer: https://review-page-violation-issue-meta-center.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /index-user.css HTTP/1.1Host: review-page-violation-issue-xi.vercel.appConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://review-page-violation-issue-xi.vercel.app/form.htmlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com |
Source: global traffic |
HTTP traffic detected: GET /static/media/fbVideo.png.1fd476160a3ed7a2f565.png HTTP/1.1Host: verified-badge.surge.shConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://review-page-violation-issue-xi.vercel.app/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9 |
Source: global traffic |
HTTP traffic detected: GET /AAABAAMAEBAAAAEAIABoBAAANgAAACAgAAABACAAKBEAAJ4EAAAwMAAAAQAgAGgmAADGFQAAKAAAABAAAAAgAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wAAAZdXOiyYVzpPmFc6T5dXOiz/AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAQEAEmFo5b5hYO+GYWTv/mFk7/5hZO/+YWTv/mFg74ZhaOW+AQEAEAAAAAAAAAAAAAAAAAAAAAAAAAACWWjwRmFg7wphZO/+YWTv/oWhN/7uRff+ufWb/mFk7/5hZO/+YWTv/mFg7wpZaPBEAAAAAAAAAAAAAAACAQEAEmFg7wphZO/+YWTv/mFk7/7SGcP//////2sS5/5hZO/+YWTv/mFk7/5hZO/+YWDvCgEBABAAAAAAAAAAAmFo5b5hZO/+YWTv/mFk7/5hZO/+0hnD//////9rEuf+YWTv/mFk7/5hZO/+YWTv/mFk7/5haOW8AAAAA/wAAAZhYO+GYWTv/mFk7/5hZO/+YWTv/tIZw///////axLn/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWDvh/wAAAZdXOiyYWTv/mFk7/5hZO/+YWTv/mFk7/7SGcP//////2sS5/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5dXOiyYVzpPmFk7/5hZO/+YWTv/mFk7/6x6Yv/Nr6D//////+fY0f+6kX3/qnZd/5hZO/+YWTv/mFk7/5hZO/+YVzpPmFc6T5hZO/+YWTv/mFk7/5hZO//VvLD//////////////////////9G1qP+YWTv/mFk7/5hZO/+YWTv/mFc6T5dXOiyYWTv/mFk7/5hZO/+YWTv/tYhz/9fAtP//////7ODb/8iomP+1iHL/mFk7/5hZO/+YWTv/mFk7/5dXOiz/AAABmFg74ZhZO/+YWTv/mFk7/5hZO/+0hnD//////9rEuv+YWTv/mFk7/5hZO/+YWTv/mFk7/5hYO+H/AAABAAAAAJhaOW+YWTv/mFk7/5hZO/+YWTv/rnxk///////x6eX/xKGQ/7CAav+YWTv/mFk7/5hZO/+YWjlvAAAAAAAAAACAQEAEmFg7wphZO/+YWTv/mFk7/5haPP/i0Mj////////////TuKz/mFk7/5hZO/+YWDvCgEBABAAAAAAAAAAAAAAAAJZaPBGYWDvCmFk7/5hZO/+YWTv/mVo8/7CAaf+6kHz/qnZd/5hZO/+YWDvCllo8EQAAAAAAAAAAAAAAAAAAAAAAAAAAgEBABJhaOW+YWDvhmFk7/5hZO/+YWTv/mFk7/5hYO+GYWjlvgEBABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wAAAZdXOiyYVzpPmFc6T5dXOiz/AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAAAACAAAABAAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACZZjMFm1g7PZdZOnOYWTqVl1k6p5dZOqeYWTqVl1k6c5tYOz2ZZjMFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACZWTkol1k7mJhZO++YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO++XWTuYmVk5KAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPYEAQmFg6mZhZO/yYWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv8mFg6mY9gQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmFg7NJhYO+GYWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFk7/5hZO/+YWTv/mFg74 |